hugo hugoo <hugo...@hotmail.com> wrote: > Can anyone tell me why signatures in dnssec mut be renewed every 30 > days?
The limited lifetime of the signatures reduces your exposure to a replay attack. After the signature has expired an attacker cannot fool a victim by giving them the stale data. > What are the modifications made on a zone with a resign? The signatures are regenerated with updated expiry times. Tony. -- f.anthony.n.finch <d...@dotat.at> http://dotat.at/ Forties, Cromarty: East, veering southeast, 4 or 5, occasionally 6 at first. Rough, becoming slight or moderate. Showers, rain at first. Moderate or good, occasionally poor at first. _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
