KSK stays published 3 days after delete time
Alexander Gurvitz
alex at net-me.net
Thu May 10 21:44:15 UTC 2012
On Thu, May 10, 2012 at 11:04 PM, Axel Rau <Axel.Rau at chaos1.de> wrote:
>
>> Did you delete it manually (at 2012-05-07T14:55:02.569706) ?
> Yes; i.e. my script.
>> If so, maybe it's still in the zone because BIND doesn't know the timing
>> metadata anymore ?
> I thought that would be in the journal or internal repository of named.
I guess there's no such "internal repository". I guess bind meant to
look at the metadata from the key file, and now as it haven't the
file, it knows no timing data. It's not going to delete keys just
because the file is missing, because the key file can be purposely
missing if someone chooses to store keys offline. Though It's all my
guesses.
Alex
More information about the bind-users
mailing list