[Opendnssec-develop] Re: [OpenDNSSEC] #68: validity period passed, but no new signatures created
OpenDNSSEC
owner-dnssec-trac at kirei.se
Mon Jan 4 13:41:49 UTC 2010
#68: validity period passed, but no new signatures created
---------------------------+------------------------------------------------
Reporter: lijia@… | Owner: matthijs
Type: defect | Status: new
Priority: major | Component: Signer
Version: trunk | Keywords: resign, expire
---------------------------+------------------------------------------------
Comment(by rb):
Correct. <Refresh> is the refresh interval, detailing when a signature
should be refreshed. As signatures are typically valid for much longer
than the interval between runs of the signer, there is no need to re-
generate the signatures each time the signer is run if there is no change
to the data being signed. The signature will be refreshed when the time
until the signature expiration is closer than the refresh interval.
I have updated the documentation to reflect this.
--
Ticket URL: <http://trac.opendnssec.org/ticket/68#comment:8>
OpenDNSSEC <http://www.opendnssec.org/>
OpenDNSSEC
More information about the Opendnssec-develop
mailing list