[Opendnssec-user] ods2 signed zone ignores specified Serial format (unixtime), publishes RRSIG SOA with 'datecounter' ?
PGNet Dev
pgnet.dev at gmail.com
Mon Dec 19 17:59:36 UTC 2016
In signing my zone with ods2, using (atm) 'lab' policy, where
cat kasp.xml
<Policy name="lab">
...
<Zone>
<PropagationDelay>PT300S</PropagationDelay>
<SOA>
<TTL>PT300S</TTL>
<Minimum>PT300S</Minimum>
<Serial>unixtime</Serial>
</SOA>
</Zone>
...
note that Serial == unixtime is specified.
but, the singed zone changes the RRSIG serial to 'datecounter' (cref:
https://www.opendnssec.org/documentation/using-opendnssec/) format
egrep -i "serial|SOA" /var/opendnssec/signed/example.info
example.info. 300 IN SOA dns.example.com.
soacontact.example.com. 1482169654 7200 1800 604800 300
example.info. 300 IN RRSIG SOA 8 2 300 20161219184751
20161219164734 38544 example.info. pib...U=
shouldn't the 'unixtime' format be used consistently/unchanged in the
RRSIG SOA record as well?
More information about the Opendnssec-user
mailing list