On Jan 18 2013, Stephane Bortzmeyer wrote:
On Fri, Jan 18, 2013 at 09:08:37AM +1100,
Mark Andrews <[email protected]> wrote
a message of 38 lines which said:
.mm failed to re-sign their DNSKEY RRset.
Note that, because Unbound is tolerant by default ("10 % rule"),
Unbound users will see the problem only on Sunday:
Is fudging the expiry times like that really a good idea? If all
all validators allowed a 10% overrun, DNS operators would just
get 10% sloppier and we would back where we started.
--
Chris Thompson University of Cambridge Computing Service,
Email: [email protected] New Museums Site, Cambridge CB2 3QH,
Phone: +44 1223 334715 United Kingdom.
_______________________________________________
dns-operations mailing list
[email protected]
https://lists.dns-oarc.net/mailman/listinfo/dns-operations
dns-jobs mailing list
https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
