Re: DNSSEC ZSK rollover

2015-09-01 Thread Tony Finch
Evan Hunt wrote:
>
> It is intentional; it spreads out the work of resigning over a longer
> period of time to reduce the load on the server. (And a lot of people
> prefer smaller IXFRs anyway.)

We have tweaked sig-signing-nodes and sig-signing-signatures to make incremental signing work in large

Re: DNSSEC ZSK rollover

2015-08-29 Thread Robert Senger
Thanks, that's what I wanted to know. I'll leave it like it is now.

Robert

On Friday, 28.08.2015, 21:24 +, Evan Hunt wrote:
> On Fri, Aug 28, 2015 at 07:24:23PM +0200, Robert Senger wrote:
> > Is that the intended behaviour, or do I miss a point to get the zones
> > resigned in one si

Re: DNSSEC ZSK rollover

2015-08-28 Thread Evan Hunt
On Fri, Aug 28, 2015 at 07:24:23PM +0200, Robert Senger wrote:
> Is that the intended behaviour, or do I miss a point to get the zones
> resigned in one single action (and transferred with one single IXFR)
> rather than getting each RR resigned separately?

It is intentional; it spreads out the work

DNSSEC ZSK rollover

2015-08-28 Thread Robert Senger
Hi all,

after upgrading from Debian Wheezy to Jessie, the dnssec-tools package (including rollerd for automatic ZSK key rollover) is no longer available. So I've set up bind9 to do the signing:

zone "mydomain.de" in {