[Opendnssec-develop] relationships between KASP paarameters

John Dickinson jad at jadickinson.co.uk
Wed Mar 11 15:59:09 UTC 2009

Sion and I are wondering if the Enforecer/libKSM should validate the  
policies. For example there could be a set of rules like:
  - TTLs must be no less than 5 min and no greater than 2 years
  - key lifetime must be at least n * TTLkey where n is some number  
like 5.
  - ...

these are made up examples please don't worry about the exact numbers  
for now :)

Do people think that
a) the enforcer/libKSM is the place to do this
b) this should be done at all
c) this should be left for the GUI/CLI that populates the KASP DB?
d) this should wait for v2

John Dickinson

More information about the Opendnssec-develop mailing list