[Opendnssec-develop] Enforcer engine
Rickard Bellgrim
rickard at opendnssec.org
Tue Jun 21 15:17:22 UTC 2011
Thanks, great document.
Questions:
* The key "i" in the rules indicates all keys, right?
* ZSK Double Signature rollover is said to be fastest. But what if
TTL(key)=1 and TTL(sig)=3?
ZSK Double Signature rollover: 2xMaxTTL(key,sig) = 6
ZSK Pre-Pubplucation[sic] rollover: 2�xTTL(key) + TTL(sig) = 5
On Tue, Jun 21, 2011 at 12:46 PM, Yuri Schaeffer <yuri at nlnetlabs.nl> wrote:
> Hi,
>
> Attached you will find the newest version of this document. It is
> largely complete but might still receive updates in the coming days.
> However, I think it is useable for anyone joining the enforcer-ng
> teleconf next Thursday.
>
> A newer version might be found in svn at any time
> /home/yuri/enforcer_model2/
>
> Regards,
> Yuri
>
> --
> Yuri Schaeffer
> NLnet Labs
> http://www.nlnetlabs.nl
>
> _______________________________________________
> Opendnssec-develop mailing list
> Opendnssec-develop at lists.opendnssec.org
> https://lists.opendnssec.org/mailman/listinfo/opendnssec-develop
>
>
More information about the Opendnssec-develop
mailing list