[Opendnssec-user] possible error in error message of ods-signerd
Matthijs Mekking
matthijs at nlnetlabs.nl
Tue Jul 17 17:07:58 UTC 2012
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 07/17/2012 05:08 PM, Paul Wouters wrote:
> On Tue, 17 Jul 2012, Matthijs Mekking wrote:
>
>>> It's somewhat misleading, as I think all RRSIG generation
>>> failed, and the message 81 out of 1910549 failed wrongly
>>> suggests some RRSIGs were correctly generated.
>>
>> I guess 81 signatures could be reused and no HSM interaction was
>> required.
>
> You're missing the point. The zone never has or needs more then 81
> signatures because it is signed with opt-in. We don't need 2M
> RRSIGs.
Ok, so it's opt-out, not opt-in (or you only have 80 delegations).
Matthijs
>
> Paul
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iQEcBAEBAgAGBQJQBZvuAAoJEA8yVCPsQCW50K0H/RIQX+S9TvTk0h8Sf0sWNKhD
seYgNLR8JPJXhoi0flEP+WTdvcvmP2A+tPsis+mDJCiGKGJaR+Ak+PGBrgn3oiO7
MdD9ucZTmL03T9IjWpxg1XfRwWSgdRb7NYu3PWhE+pNn6YOM36HwDd7GP6A3+vnm
R0hLEg3hyJhCQLYS/CRZGvkKlONs2R0Q1WSeySeqivRwv/pfoHDed37CE8PMy2Sn
SfU69KHb+3dD5NTTMhVVufjnrN93cvW+7yGSxHBbTc49I6ykkJv7B+kht01tyM1Y
XEhAwbOCaZRC6v4JWgmIbI3Jipub5SdR3NpY1pJF/UQZMUw6M4rHzlyCwInT/Bc=
=m7L3
-----END PGP SIGNATURE-----
More information about the Opendnssec-user
mailing list