[Opendnssec-user] TTL clamped to minimum 3600?

[Havard Eidnes]

Hi,

we have some users who tried to register a TTL for some
particular resource records which is quite a bit lower than 1
hour.

However, after the zone has been signed by OpenDNSSEC, the TTL is
set to 1 hour (exactly).  I can't seem to find any information
that such clamping is being enforced in our configuration, and I
can't find a knob in the documentation of the configuration files
where this can be modified.

This took me somewhat by surprise -- is the enforced TTL implicit
on one of the other configured values?  Why?

Regards,

- Håvard