Am 18.07.2016 um 12:48 schrieb Tony Finch:
> If your rollover time is much shorter then you are testing something that
> is more like an emergency unplanned rollover.
At the moment I am merely testing in this "high-frequency" setup to get
a good feeling for the mechanics and the interaction betwee
Nis Wechselberg wrote:
> Am I getting it right that the rest of the zone is not (re)signed
> because the current signature is still valid for some time?
>
> So if I were to set sig-validity-interval to a shorter value, this would
> help with the issue?
If you are testing out a fast rollover sche
Hi,
you are right, I got confused there.
Am I getting it right that the rest of the zone is not (re)signed
because the current signature is still valid for some time?
So if I were to set sig-validity-interval to a shorter value, this would
help with the issue?
Sadly it seems to be a value in days
In message <5788c969.6070...@enbewe.de>, Nis Wechselberg writes:
> Hi,
>
> I am curently testing a dnssec setup with the new dnssec-keymgr tool. I
> created a test zone with very fast key rollover setings and very short
> TTLs. (Configs below)
>
> The automated creation of keys seems to work fin
Hi,
I am curently testing a dnssec setup with the new dnssec-keymgr tool. I
created a test zone with very fast key rollover setings and very short
TTLs. (Configs below)
The automated creation of keys seems to work fine but bind behaves other
than I would have expected.
- Initial deployment looks
5 matches
Mail list logo
