This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/[email protected]/
[dns-wg] Re: KSK lifetimes
- Previous message (by thread): [dns-wg] Re: KSK lifetimes
- Next message (by thread): [dns-wg] Outdated RIPE NCC Trust Anchors in Fedora Linux Repositories
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Paul Wouters
paul at xelerance.com
Fri Feb 5 17:33:23 CET 2010
On Fri, 5 Feb 2010, Anand Buddhdev wrote: > Things are a bit different now. DNSSEC toolsets have improved, and there > are both commercial and open-source products available to handle a lot > of the heavy-lifting needed to maintain DNSSEC-signed zones. It would > probably be okay to have longer key lifetimes now. I think the suggestion was to extend the current keys until July, so that the next rollover would be "covered" by the signed root. Paul
- Previous message (by thread): [dns-wg] Re: KSK lifetimes
- Next message (by thread): [dns-wg] Outdated RIPE NCC Trust Anchors in Fedora Linux Repositories
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
[ dns-wg Archives ]