Hi Matthijs,
When I try to delete zone example4 which is 200Mb before signed, the
ods-ksmutil zone delete -z example4 command lasts a considerably long
time(several minutes) to end, I'm not sure the process is down or not, so I
decide to stop the command brutally with "ctrl+c", but the zone exa
On Tue, 24 Jul 2012, Siôn Lloyd wrote:
Does ODS generate the rollover tiemstamps for all future keys at that
generation time ? Eg, can you copy the kasp.db after generating the keys
and have identical future rollover timestamps for multiple signers?
No, it does not pre-allocate keys to zones o
On Tue, 24 Jul 2012, Matthijs Mekking wrote:
What serial arithmetic do you use ()?
unixtime
Valid reasons for the serial decreasing might be loss/corruption of
back up file.
I surely deleted backup/tmp files in /var/opendnssec in the last half
year, so those files for colah.ca did get lost
On 14/07/12 03:06, Paul Wouters wrote:
On Fri, 13 Jul 2012, Rickard Bellgrim wrote:
Remember that the physical keys are stored in the HSM. We also need
more properties than just the key values (exponent, modulus, ...).
This is why we need the KASP Enforcer Database. This database will
have the
Keys will not be reused if they are marked as retired or dead for any of
the zones that are using / have used them.
Is it possible that a zone has been deleted from this policy? That would
mark its keys as dead and so make them ineligible for further use. (The
idea is that if you keep adding z
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi,
This has been fixed just now (r6490). Thanks Stuart for the debug logs.
Best regards,
Matthijs
On 07/24/2012 05:44 AM, 刘硕 wrote:
> Hi Jerry,
>
> I'm using the code from your trunk, and I have tested example4(20Mb
> as described many times), a
