[Opendnssec-user] Upgrading to 1.1

Mathieu Arnold mat at mat.cc
Wed Jul 14 10:31:48 UTC 2010

+--On 14 juillet 2010 11:47:19 +0200 Matthijs Mekking
<matthijs at NLnetLabs.nl> wrote:
| Hash: SHA1
| Hi Mathieu,
| That are indeed a lot of NSEC3 records. Could you share with me the
| kasp.xml file you are using for this zone (off list if you like)?

It's pretty standard, but that's the part :


                                        <Salt length="8"/>

                        <!-- Parameters for both KSK and ZSK -->
                        <RetireSafety>PT30H</RetireSafety> <!-- P1DT6H
fonctionne pas -->
                        <PublishSafety>PT30H</PublishSafety> <!-- P1DT6H
fonctionne pas -->
                        <!-- <ShareKeys/> -->

                        <!-- Parameters for KSK only -->
                                <Algorithm length="2048">7</Algorithm>

                        <!-- Parameters for ZSK only -->
                                <Algorithm length="1024">7</Algorithm>



                <!-- <Audit/> -->

Mathieu Arnold

More information about the Opendnssec-user mailing list