On 2026-02-27 10:47 +11, marka <[email protected]> wrote: >> On 27 Feb 2026, at 06:41, Florian Obser <[email protected]> wrote: >> >> On 2026-02-26 15:50 UTC, Jim Reid <[email protected]> wrote: >>>> On 26 Feb 2026, at 15:11, Florian Obser <[email protected]> wrote: >>>> >>>> How can the LocalRoot server figure out what the real expire time is >>>> when using http? At what time should it stop using the zone file and >>>> switch to querying the root name servers? >>> >>> Surely the SOA record's metadata answers those questions? Maybe I'm >>> missing something. >> >> Yes, it's the expire time. The root zone currently expires 604800 >> seconds (i.e. one week) after it gets loaded: >> >> . 86400 IN SOA a.root-servers.net. nstld.verisign-grs.com. ( >> 2026022602 ; serial >> 1800 ; refresh (30 minutes) >> 900 ; retry (15 minutes) >> 604800 ; expire (1 week) >> 86400 ; minimum (1 day) >> ) >> >> Note that this is an interval, not a time stamp. If I load a root zone >> from ten days ago it will be valid for another week. Surely that is not >> correct. > > That’s why nameservers look at file modification times when setting the > expiry time. It’s also why they back date file modification times when > using EDNS EXPIRE so that the zone will expire at the correct time after > a restart.
Sure, but Jim's assumption was that the absolute expire time can be worked out from the SOA record alone, which is not true. We have this solved with (A|I)XFR + EDNS EXPIRE, but the draft needs words on how to handle the expire time when fetching a txt file from a webserver. -- In my defence, I have been left unsupervised. _______________________________________________ DNSOP mailing list -- [email protected] To unsubscribe send an email to [email protected]
