[Opendnssec-develop] separate validity for signatures over DNSKEY

Jakob Schlyter jakob at kirei.se
Tue Mar 16 15:39:49 UTC 2010

On 16 mar 2010, at 16.25, sion at nominet.org.uk wrote:

> Anything that is passed through the enforcer to the signer needs to be
> stored in the database. So there will be compatibility issues there too.
> I also think that usability wins, a lot of the issues we see already are
> due to misunderstandings of how things work.

schemawise, we can support both syntaxen and the enforcer could be teached to parse both.
for the signconf, we don't need the backwards compatibility I guess.

I can make the schema and example changes tonight.


More information about the Opendnssec-develop mailing list