[Opendnssec-user] possible error in error message of ods-signerd
paul at nohats.ca
Tue Jul 17 15:08:25 UTC 2012
On Tue, 17 Jul 2012, Matthijs Mekking wrote:
>> It's somewhat misleading, as I think all RRSIG generation failed,
>> and the message 81 out of 1910549 failed wrongly suggests some
>> RRSIGs were correctly generated.
> I guess 81 signatures could be reused and no HSM interaction was
You're missing the point. The zone never has or needs more then 81
signatures because it is signed with opt-in. We don't need 2M RRSIGs.
More information about the Opendnssec-user