Question about KSK
WBrown at e1b.org
WBrown at e1b.org
Fri Apr 27 14:43:16 UTC 2012
Jan-Piet wrote on 04/27/2012 10:22:39 AM:
> > When the shared KSK needed to be rolled over, you would have to
> > process DS records in the parents of your few dozen zones all at the
> > same time.
>
> *If* you want to roll the KSK, a.k.a. "when did you last roll your SSH
> keys?" :-)
Correct. I was mistakenly thinking the KSK also had an expiration as the
the ZSK does.
Confidentiality Notice:
This electronic message and any attachments may contain confidential or
privileged information, and is intended only for the individual or entity
identified above as the addressee. If you are not the addressee (or the
employee or agent responsible to deliver it to the addressee), or if this
message has been addressed to you in error, you are hereby notified that
you may not copy, forward, disclose or use any part of this message or any
attachments. Please notify the sender immediately by return e-mail or
telephone and delete this message from your system.
More information about the bind-users
mailing list