[Opendnssec-develop] Matching DNSKEYs up to Keys->KSK elements
Alexd at nominet.org.uk
Alexd at nominet.org.uk
Thu Sep 3 14:59:12 UTC 2009
Hi -
I'm meant to be tracking DNSKEYs (their in-use lifetime, and the number of
pre-published keys). I'm meant to check these against the kasp.xml
Keys->KSK or Keys->ZSK elements.
The thing is that there can be several of these elements per algorithm.
So, I don't know how I can take a DNSKEY record from the zone and relate
it to an individual Keys->KSK or Keys->ZSK element. So, I don't know what
the associated Lifetime or Emergency elements are either, and can't audit
the key.
Does anybody know how I can match up a DNSKEY RR in the zone to an
individual Keys->KSK element, without looking up the database?
Thanks!!
Alex.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opendnssec.org/pipermail/opendnssec-develop/attachments/20090903/518754d9/attachment.htm>
More information about the Opendnssec-develop
mailing list