[Opendnssec-user] PublishSafety default value
Miek Gieben
miek.gieben at sidn.nl
Wed Jan 9 13:12:02 UTC 2013
[ Quoting Antti Ristimäki at 15:10 on January 9 in "[Opendnssec-user] PublishSafety def"... ]
> Hi,
>
> I've been wondering whether the default value (3600s) for key
> PublishSafety margin is too short. As OpenDNSSEC is usually used as a
Yes, it is...
> I'm not 100% sure but IIRC there have been validation failures that have
> been caused by the signer (not necessarily ODS) calculating too
> optimistic pre-publication intervals without visibility to what is
> actually available in public DNS.
>
> Any thoughts?
Make it quite a bit longer, who cares, it's only one record. So a couple of
days are maybe a week is much better IMO.
grtz Miek
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: Digital signature
URL: <http://lists.opendnssec.org/pipermail/opendnssec-user/attachments/20130109/ef41f694/attachment.bin>
More information about the Opendnssec-user
mailing list