[Opendnssec-user] For <update> Command, Adding and Removing DS Data
Mathieu Arnold
mat at mat.cc
Wed May 28 15:58:41 UTC 2014
+--On 28 mai 2014 17:05:51 +0200 Ramanou BIAOU <ramanou at netim.com> wrote:
| Dear All,
| I would like your opinion on the<update> Command, Adding and Removing DS
| Data
|
| Between these two modes which is best adapted to make update DS recording
| to register. Advantage and disadvantage of each.
I do an even different version:
- The DelegationSignerSubmitCommand only adds new DS.
- A second, cronned, script goes and have a look at the keys in the waiting
for ds-seen state, and looks for the DS, when it finds them, it sens the
ds-seen command.
- A third, cronned, script goes and make sure that all keys in the "retire"
state are, indeed, removed from the parent zones.
Both cronned script run every four hour, with a RetireSafety = 1D, it's
never failed me :-)
--
Mathieu Arnold
More information about the Opendnssec-user
mailing list