On Apr 11, 2013, at 8:34 AM, Noel Butler <noel.but...@ausics.net> wrote:
> Sign them for longer, I typically use 90 days > > On Thu, 2013-04-11 at 12:14 +0000, hugo hugoo wrote: >> Hello, >> >> Can anyone tell me why signatures in dnssec mut be renewed every 30 days? >> What are the modifications made on a zone with a resign? >> >> Thanks in advance for the clarifications. Better solution: Sign them more often. Why not sign them twice a day? I use dynamic zones and never concern myself with expired signatures. You can also use inline signing to remove this "hassle". I personally don't think that extending the signature validity period is a good idea. AlanC -- Alan Clegg | +1-919-355-8851 | a...@clegg.com
signature.asc
Description: Message signed with OpenPGP using GPGMail
_______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
