Maintained by: NLnet Labs

[Unbound-users] list_insecure in unbound-control

Jelte Jansen
Mon Apr 6 21:49:53 CEST 2015


not too long ago two new commands appeared in unbound-control;
insecure_add and insecure_remove, to manage negative trust anchors.

These are great and I want to make use of them, but I could not find a
way to list the current negative trust anchors, which would be a very
useful command as well for what I'm thinking of.

I've attached a patch that adds a list_insecure option; it goes through
the anchors and prints the domain name of each anchor without DS or
DNSKEY records.

Please consider this for inclusion in the next release. Or, if I am
simply blind and such an option did exist already, please ignore this
patch and kindly point me in the right direction :)

-------------- next part --------------
A non-text attachment was scrubbed...
Name: unbound_control_list_insecure.patch
Type: text/x-patch
Size: 2035 bytes
Desc: not available
URL: <>