[Opendnssec-develop] Missing TTLs in zone files

Matthijs Mekking matthijs at NLnetLabs.nl
Mon Oct 19 10:49:36 UTC 2009


It is implementation dependent, although we should not derive it from
the Minimum field. (why explicitly not?).

Our current mechanism is to set the default TTL to 3600, if no $TTL and
explicit TTL at the RR. The SOA TTL becomes 3600 only if no $TTL and
explicit TTL at the RR *and* the <SOA><Minimum> is not set in the signer
configuration.

So we conform to the specification; is this the mechanism we want?

Matthijs

Ray.Bellis at nominet.org.uk wrote:
>  
>> Hi Ray,
>>
>> Where do modern implementations get their 'default TTL' value from
>> if the per record TTL and TTL directives are omitted?
> 
> Damned good question.  RFC 2308 appears to be silent on that issue,
> except to say:
> 
> "Where a server does not require RRs to include the TTL value
> explicitly, it should provide a mechanism, ** not being the value of the
> MINIMUM field of the SOA record **, from which the missing TTL values
> are obtained." (my emphasis).
> 
> Ray


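Added example (not part of the original message and not OpenDNSSEC code): a minimal sketch of the TTL precedence discussed above, reading it as explicit TTL on the RR, then `$TTL`, then a fixed default of 3600, with the SOA MINIMUM field never consulted, as RFC 2308 requires. The function name, the sample zone and the simplified parsing (single-line records, owner always present, numeric TTLs only) are assumptions; the `<SOA><Minimum>` signer-configuration case is not modelled because the message does not say which value is used there.

```python
FALLBACK_TTL = 3600           # default named in the message above
CLASSES = {"IN", "CH", "HS"}

# Constructed sample zone; note that the SOA MINIMUM field is 86400.
SAMPLE_ZONE = """
example.com. IN SOA ns1.example.com. host.example.com. 1 7200 3600 1209600 86400
example.com. IN NS ns1.example.com.
$TTL 300
www.example.com. IN A 192.0.2.1
mail.example.com. 600 IN A 192.0.2.2
"""

def resolve_ttls(zone_text, fallback=FALLBACK_TTL):
    """Return (owner, type, ttl, source) for each single-line RR.

    Precedence: explicit TTL on the RR, then the latest $TTL directive,
    then the fixed fallback. The SOA MINIMUM field is never used.
    """
    directive_ttl = None
    records = []
    for raw in zone_text.splitlines():
        fields = raw.split(";", 1)[0].split()   # drop comments
        if not fields:
            continue
        if fields[0].upper() == "$TTL":
            directive_ttl = int(fields[1])
            continue
        if fields[0].startswith("$"):
            continue                            # $ORIGIN etc. not handled here
        owner, rest = fields[0], fields[1:]
        explicit = None
        # TTL and class may appear in either order before the type.
        while rest and (rest[0].isdigit() or rest[0].upper() in CLASSES):
            if rest[0].isdigit():
                explicit = int(rest[0])
            rest = rest[1:]
        rtype = rest[0].upper()
        if explicit is not None:
            ttl, source = explicit, "explicit"
        elif directive_ttl is not None:
            ttl, source = directive_ttl, "$TTL"
        else:
            ttl, source = fallback, "fallback"
        records.append((owner, rtype, ttl, source))
    return records

if __name__ == "__main__":
    for rec in resolve_ttls(SAMPLE_ZONE):
        print(rec)
```

Records reported with source `fallback` are the ones a zone maintainer would want to review before signing, since their TTL came from neither the RR nor a `$TTL` directive.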