[Opendnssec-develop] review: Signature recycle etc.
Jakob Schlyter
jakob at kirei.se
Thu Sep 30 07:55:11 UTC 2010
On 29 sep 2010, at 15.44, Matthijs Mekking wrote:
> New rule:
> If there are not enough valid signatures, additional signatures
> must be created. The DNSKEY RRset MUST have equally number of
> signatures as there are active KSKs. Every other RRset MUST have
> equally number of signatures as there are active ZSKs.
this sounds more like a rule for an enforcer, than a rule for a signer, no?
j
More information about the Opendnssec-develop
mailing list