On Fri, Jun 4, 2010 at 9:10 AM, Evan Hunt <e...@isc.org> wrote: > The way it's supposed to work is: you add the new NSEC3PARAM record, > then wait for the new NSEC3 chain to be built. The newly inserted record > will, at first, have its "flags" field set to a nonzero value; this > indicates that the chain isn't complete yet. When the server is finished > building the chain, it updates the newly-added NSEC3PARAM record, and > zeroes the flags field. At that point, it's safe to remove the old > NSEC3PARAM record, which will cause the server to remove the old NSEC3 > chain. > > This is a much more elegant solution... :)
Casey
_______________________________________________ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
