[Opendnssec-develop] Re: [OpenDNSSEC] #72: The "<ShareKeys/>"

OpenDNSSEC owner-dnssec-trac at kirei.se
Wed Jan 13 09:32:55 CET 2010

#72: The "<ShareKeys/>"
Reporter:  archi.laurent@…          |       Owner:  rb          
    Type:  enhancement              |      Status:  assigned    
Priority:  trivial                  |   Component:  SoftHSM     
 Version:  trunk                    |    Keywords:  <ShareKeys/>
Changes (by rb):

  * status:  new => assigned


 Thanks for your comments. I have updated the documentation.

 The <!-- and --> are used to mark text as a comment. Remove these and the
 tag will be used.

 If multiple zones are associated with a policy, the presence of
 <ShareKeys/> indicates that a key can be shared between zones. E.g. if you
 have 10 zones then you will only use one set of keys instead of 10 sets.
 This will same space in your HSM. If this tag is absent, keys are not
 shared between zones.

 <ManualRollover/> is an optional tag. This tag indicate that the key
 rollover will only be initiated on the command by the operator. There is
 still a second step for the KSK, where the key needs to be published to
 the parent before the rollover is completed. Read more in the chapter
 "Running OpenDNSSEC". The ZSK rollover will although be fully automatic if
 this tag is not present.

Ticket URL: <http://trac.opendnssec.org/ticket/72#comment:1>
OpenDNSSEC <http://www.opendnssec.org/>

More information about the Opendnssec-develop mailing list