[Opendnssec-develop] relationships between KASP paarameters
John Dickinson
jad at jadickinson.co.uk
Wed Mar 11 15:59:09 UTC 2009
Sion and I are wondering if the Enforecer/libKSM should validate the
policies. For example there could be a set of rules like:
- TTLs must be no less than 5 min and no greater than 2 years
- key lifetime must be at least n * TTLkey where n is some number
like 5.
- ...
these are made up examples please don't worry about the exact numbers
for now :)
Do people think that
a) the enforcer/libKSM is the place to do this
b) this should be done at all
c) this should be left for the GUI/CLI that populates the KASP DB?
d) this should wait for v2
John
---
John Dickinson
http://www.jadickinson.co.uk
More information about the Opendnssec-develop
mailing list