[Opendnssec-develop] Zone re-sign interval and SOA serial

Rickard Bondesson rickard.bondesson at iis.se
Wed May 20 08:24:43 UTC 2009


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

> If the re-sign interval is set to 4 hours and the signer 
> receives a new zone file every second hour (with updated SOA 
> serial), will the internal counter for the re-sign interval 
> be reset when the updated zone is signed? And thus will new 
> signatures newer be generated out-of-sync with the zone 
> transfers? And no SOA serial is needed to be updated within 
> the signer?

Jelte do you have an answer for this? Will the Signer Engine reset the re-sign timer when a zone update arrives? Thus will the zone output always be in sync with the zone input in this scenario?

// Rickard
-----BEGIN PGP SIGNATURE-----
Version: 9.8.3 (Build 4028)
Charset: utf-8

wsBVAwUBShO+S+CjgaNTdVjaAQgZVAf/aATfjXv1tGm4PB/9hRU5WNy3KMXUrc+d
qNfbgABY7wj4pgQG/7YSsGZGbTd0PQrUMqUhJx9YbJyXd37QkE/Y3qrFyBe/sATc
SDO7haqD9Nl5hijGB1wQ3V5yLxx5dyWbRQGDN5WrPjVzCxnlF/xEBrjZHgVC6RjZ
ree4O0NkeYiXLPAFhwXK5xrC5RdRrFsbNwgUiacHQdpmiaH3eMFMksATMxbt3Jz7
nn7fuA/8oEucQDlIDap3TeuHh6d4raZA854a6cnx0xp/sz/IkLXgOSwVl4i0ki1B
r0DlaaLp+9BSFIYoLRBZIPtXQ4aPLJdN0FTW/m6srb81PLpWi0KL3g==
=eQGp
-----END PGP SIGNATURE-----



More information about the Opendnssec-develop mailing list