On 12/11/10 15:45, Lightner, Jeff wrote:
For Production (RPM based system) you should use RHEL or CentOS which has a much longer life cycle. (Speaking of which, RHEL6 was just put in
I don't agree with your line of reasoning. RHEL may have longer update cycles, but there's no guarantee a particular RHEL install will be applying updates in real-time, so the keys in the dnssec-conf package may still get out of date, or a RHEL install may run after it's 5-year update cycle ends.
I think the dnssec-conf package should have had a nightly cron job to refresh these keys, and it was a mistake to deploy without such.
Just my opinion of course. _______________________________________________ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
