[Opendnssec-develop] Erroneous jitter semantics

Jakob Schlyter jakob at kirei.se
Thu Mar 11 10:30:35 UTC 2010

after some discussion with my colleague, I suggest we change the implementation to do jitter as it should have been done in the first place (and how jitter is actually defined):

	expiration' = expiration - jitter + (rnd % (jitter * 2))

i.e., the jitter is the absolute maximum expiration variance.


- max(effective validity) = offset + expiration + jitter/2
- min(effective validity) = offset + expiration - jitter/2


More information about the Opendnssec-develop mailing list