[Opendnssec-develop] Re: [OpenDNSSEC] #165: Patch: Incrementing SOA in the signer engine
OpenDNSSEC
owner-dnssec-trac at kirei.se
Thu Aug 5 12:34:57 UTC 2010
#165: Patch: Incrementing SOA in the signer engine
--------------------+-------------------------------------------------------
Reporter: vanrein | Owner: matthijs
Type: defect | Status: closed
Priority: major | Component: Signer
Version: 1.1.1 | Resolution: fixed
Keywords: |
--------------------+-------------------------------------------------------
Changes (by matthijs):
* status: new => closed
* resolution: => fixed
Comment:
I understand the problem, it is there once you switch to OpenDNSSEC. So,
it's a one-time problem.
I acknowledge it is an issue, but I also think it has a side effect. It
can screw up the soa serial policy. The output serial cannot be guaranteed
to be unixtime, counter or datecounter anymore, because the input serial
is an arbitrary value.
Not sure if this side effect is a problem for other (future) users.
Technically, it doesn't break anything. Policy wise, it may.
Nevertheless, I think it is more important that it does not break
technically when you switch to OpenDNSSEC, so I have applied the patch in
r3650.
Thanks!
--
Ticket URL: <http://trac.opendnssec.org/ticket/165#comment:1>
OpenDNSSEC <http://www.opendnssec.org/>
OpenDNSSEC
More information about the Opendnssec-develop
mailing list