[Opendnssec-user] Force a fast key rollover
Bas van den Dikkenberg
bas at Dikkenberg.net
Fri Jun 28 07:38:07 UTC 2013
Why you don't want skip the publish fase with new zone ?
Met vriendelijke groet,
Bas van den Dikkenberg
-----Oorspronkelijk bericht-----
Van: opendnssec-user-bounces at lists.opendnssec.org [mailto:opendnssec-user-bounces at lists.opendnssec.org] Namens Sebastian Castro
Verzonden: vrijdag 28 juni 2013 1:53
Aan: Klaus Darilion
CC: opendnssec-user
Onderwerp: Re: [Opendnssec-user] Force a fast key rollover
On 28/06/13 03:15, Klaus Darilion wrote:
> Hi!
Hi!,
>
> When initiating a key rollover, OpenDNSSEC does not immediately use
> the new key, but uses the PUBLISH state (at least for ksk) for some
> time before activating the key (before "waiting for DS"),
>
> How can I force ODS to immediately activate a new KSK and ZSK, without
> these "pre-activate" phases?
Do you have a use case for that? Unless is the first publication of a signed zone, you don't want to skip the PUBLISH phase.
Cheers,
>
> Thanks
> Klaus
> _______________________________________________
> Opendnssec-user mailing list
> Opendnssec-user at lists.opendnssec.org
> https://lists.opendnssec.org/mailman/listinfo/opendnssec-user
--
Sebastian Castro
DNS Specialist
.nz Registry Services (New Zealand Domain Name Registry Limited)
desk: +64 4 495 2337
mobile: +64 21 400535
_______________________________________________
Opendnssec-user mailing list
Opendnssec-user at lists.opendnssec.org
https://lists.opendnssec.org/mailman/listinfo/opendnssec-user
More information about the Opendnssec-user
mailing list