[Opendnssec-develop] separate validity for signatures over DNSKEY

Matthijs Mekking matthijs at NLnetLabs.nl
Mon Mar 15 10:08:34 UTC 2010


There is no specific refresh tag for Denial as well.

To calculate the refresh time for Keys, it's basically a copy code of 
the refresh_denial, same behavior.

Matthijs

Rickard Bellgrim wrote:
> What about the refresh-tag?
> 
> This simple change, now implies a lot of changes. Just before a release....
> 
> On 12 mar 2010, at 16.12, Jakob Schlyter wrote:
> 
>> so, as some of you have noticed Patrik and I decided to add a parameter for specifying a separate validity for signatures over DNSKEY. I've implemented this in the signer, but the enforcer and auditor needs more work.
>>
>> matthijs; please review my signer changes.
>>
>> 	jakob
>>
>> _______________________________________________
>> Opendnssec-develop mailing list
>> Opendnssec-develop at lists.opendnssec.org
>> https://lists.opendnssec.org/mailman/listinfo/opendnssec-develop
> 
> _______________________________________________
> Opendnssec-develop mailing list
> Opendnssec-develop at lists.opendnssec.org
> https://lists.opendnssec.org/mailman/listinfo/opendnssec-develop




More information about the Opendnssec-develop mailing list