A question regarding the Import keyset feature for Infoblox DNS
Moving a DNSSEC-signed zone from Bind to Infoblox could include importing existing DNSKEY/KSK from the Bind DNS to sign the zone with existing and new key. As stated in RFC 6781 section 184.108.40.206 - DNSSEC Operational Practices.
However, the Import Keyset feature is not well documented and the support states:
"Please note that you would not be able to import signed zone with the Key that you used in Bind. Once the zone is migrated to Infoblox, you would have to sign the zone once it is imported to Infoblox"
One could of course take the approach to unpublish the existing DS-records, import zone and sign it in Grid and publish the new keys at the Registrar
Anyone with more info regarding the Import Keyset feature?