> That's what I mean with "key 22924 of framail.de has a delete date of > 2012-05-07T14:55:02 set".
Okay. But you also said it was deleted from the repository at or before that time, and clarified that this meant your script had deleted it. It needs to remain in the repository until *after* all scheduled events have taken place. > I have "auto-dnssec maintain;" set and my understanding is, that named > does not require a rndc loadkeys to remove the key from the DNSKEY RRSET > if the delete time, set with dnssec-settime, has passed. > Is this wrong? No, that's correct. "rndc loadkeys" is only necessary when you want to change timing on a key and have named notice the change immediately. -- Evan Hunt -- e...@isc.org Internet Systems Consortium, Inc. _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
