[Opendnssec-user] DNSKEY set signed with KSK in retire state.
Maurice
maurice at info.nl
Thu Nov 19 11:07:21 UTC 2015
Hello,
When using OpenDNSSEC, I see that DNSKEY sets are signed with keys
that are in the retire state.
Why does this happen ? I would expect that only KSK`s in the active or
ready state would be used for signing the DNSKEY sets.
Regards,
--
Maurice Mahieu
System Engineer | maurice at info.nl <mailto:maurice at info.nl> | +31 (0)20
53 09 111 <tel:+31205309111>
info.nl <http://www.info.nl> /making platforms work/
<http://www.info.nl/nl?utm_source=e-mail_sig&utm_medium=e-mail&utm_term=connecting_the_dots&utm_campaign=info_sig>
Sint Antoniesbreestraat 16 | 1011 HB Amsterdam | +31 (0)20 530 91 00
<tel:+31205309100>
Facebook <https://www.facebook.com/infonl> | Twitter
<https://twitter.com/infonl> | LinkedIn
<https://www.linkedin.com/company/info.nl> | Google+
<https://plus.google.com/+infonl/>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opendnssec.org/pipermail/opendnssec-user/attachments/20151119/3292be5c/attachment.htm>
More information about the Opendnssec-user
mailing list