[Opendnssec-user] how does auditor calculate delays?
AlexD at nominet.org.uk
Wed Feb 2 14:48:49 UTC 2011
Firstly, apologies for the delay in responding to this.
On 13 Jan 2011, at 12:41, Gilles Massen wrote:
> I'm struggling to understand why auditor has been complaining: I had a
> ZSK that was in use too long (because no further keys were generated).
> So at that point I ussued a ksmutil key generate which worked perfectly.
> After some time I saw then this:
> ods-auditor: Key (24150) has gone to active use, but has only
> been prepublished for 26946 seconds. Zone SOA ttl is 43200
> Why is the SOA ttl considered for the check? DNSKEY TTL I'd understand,
> but SOA?
The auditor specification has now been changed to use the DNSKEY TTL, and the implementation fixed in svn r4369.
Thanks for the report,
More information about the Opendnssec-user