[Opendnssec-develop] Purge keys
Sion Lloyd
sion at nominet.org.uk
Mon Aug 16 09:59:26 UTC 2010
Morning.
I'm reworking the purge keys code to cope with the new key sharing. I'm
wondering if anyone has views on the following...
If a key has been in the dead state for long enough on zone "A", but is yet to
be used by zone "B" on the policy, should we purge it?
My thought is that we should, because we are trying to save space on the HSM
and there must be enough keys without this one to keep zone "A" happy.
Can anyone think of a use-case for purge where this would not be appropriate?
Cheers,
Sion
More information about the Opendnssec-develop
mailing list