The golang implementation of DNSSEC key generation currently runs synchronously, and as a result, it's possible to reach various timeouts in Traffic Ops before the process completes. For example, if one wanted to enable DNSSEC on a very large CDN, the request may time out before it completes. The key refresh process is still in the Perl side and it fork()s, so whatever solution we come up with on the golang side should be used when we migrate the key refresh endpoint.
[ Full content available at: https://github.com/apache/trafficcontrol/issues/2775 ] This message was relayed via gitbox.apache.org for [email protected]
