[Opendnssec-develop] Off-by-one error and new year

Rickard Bellgrim rickard at opendnssec.org
Tue Dec 27 10:36:41 UTC 2011


An error, as seen on the user's list, has been uncovered. I think we
should make an announcement of this.

Due to this error, you could get signatures that are valid for one
year extra. What happens if you leave the signature in the zone? Will
it be removed during the next key rollover?

This problem is only on 32-bit platforms.

I think they should remove the tmp files and create new signatures.

// Rickard

More information about the Opendnssec-develop mailing list