[Opendnssec-develop] review: Signature recycle etc.

Jakob Schlyter jakob at kirei.se
Thu Sep 30 07:55:11 UTC 2010


On 29 sep 2010, at 15.44, Matthijs Mekking wrote:

> New rule:
>  If there are not enough valid signatures, additional signatures
>  must be created. The DNSKEY RRset MUST have equally number of
>  signatures as there are active KSKs. Every other RRset MUST have
>  equally number of signatures as there are active ZSKs.

this sounds more like a rule for an enforcer, than a rule for a signer, no?

	j




More information about the Opendnssec-develop mailing list