dnssec-keygen & dnssec-signzone "smart signing" vs time zones
Paul B. Henson
henson at acm.org
Thu Apr 29 03:06:32 UTC 2010
On Wed, 28 Apr 2010, Mark Andrews wrote:
> The .private timestamps are in UTC and that is what is used for key
> management. The .key values are just comments. You should be able to
> work out my current offset from UTC.
>
> % grep Created Klllll.+005+59421.*
> Klllll.+005+59421.key:; Created: Thu Apr 29 11:10:24 2010
> Klllll.+005+59421.private:Created: 20100429011024
Ah, ok, that makes more sense, thanks.
It might help prevent confusion if the documentation was more clear on time
handling; I might have missed it but I didn't see anything explaining time
was stored in UTC, or that times provided on the command line were
considered to be in UTC. That last bit isn't very intuitive, typically when
time is specified like that it's relative to your time zone. I guess I'll
need to convert the time I want relative to my time zone to UTC and pass
that on the command line instead.
--
Paul B. Henson | (909) 979-6361 | http://www.csupomona.edu/~henson/
Operating Systems and Network Analyst | henson at csupomona.edu
California State Polytechnic University | Pomona CA 91768
More information about the bind-users
mailing list