Is it correct to expect the following if SOA Serial is set to "keep" in the concerned policy ?
i) The very first time a zone is signed, the SOA serial of the signed file will be the same as that of the unsigned file. ii) Post the first-time signing, if a sign zone command is issued without incrementing the serial number of the unsigned file, the signing fails with an error saying that the serial number has not increased i.e. an attempt to resign a zone fails unless the serial number has been incremented. Regards, Anirban _______________________________________________ Opendnssec-user mailing list [email protected] https://lists.opendnssec.org/mailman/listinfo/opendnssec-user
