[Opendnssec-user] Duration key mamagament
sdiacque at citic74.fr
Fri Feb 19 13:23:21 UTC 2010
I make some test with OpenDNSSEC and I have some difficulty to configure
the key rollover.
There is 4 state for a key (Publish, Ready, Active and retire)
Isn't it possible to configure the duration of each state ?
Publish P5D ->Ready P30D->Active P30D ->Retire P30D->DEAD
With the actual configuration how do you make for have one key in each
KEY1 : Publish >Ready >Active >Retire >DEAD
KEY2 : Publish >Ready >Active >Retire >DEAD
KEY3 : Publish >Ready >Active>Retire >DEAD
I think it's important to always have a key in Ready state for the
emergency rollover !
Thanks for your answer
More information about the Opendnssec-user