On 17-11-11 14:39, Jakob Schlyter wrote: > Greetings, > > Due to the inability to operate together with upcoming Signer Engine features > like IXFR, we're considering removing the Auditor from future versions of > OpenDNSSEC. Other reasons for this is that we believe that the Auditor has > played is part in the OpenDNSSEC development process, it now often introduces > more problems for our users than helping and there are now multiple > alternative zone checkers available. > > We now solicit user input on this plan from users activly using the Auditor > (as opposed to just using it since it is enabled by default). Please submit > your comments to the OpenDNSSEC users list > ([email protected]) no later than December 2nd.
I can't recall ever having seen a usefull, true positive from the auditor so I wouldn't miss it*. In fact, I've recently disabled it all together to make the signing process go faster. My environment expects near-instantaneous DNS-updates. Instead I run the auditor from a nightly cron-job. It complains about a decreased SOA serial on every zone but AFAIK that is unavoidable when editting zones manually. * this is not a critique, it just shows that things work rather well -- Casper Gielen <[email protected]> | LIS UNIX PGP fingerprint = 16BD 2C9F 8156 C242 F981 63B8 2214 083C F80E 4AF7 Universiteit van Tilburg | Postbus 90153, 5000 LE Warandelaan 2 | Telefoon 013 466 4100 | G 236 | http://www.uvt.nl _______________________________________________ Opendnssec-user mailing list [email protected] https://lists.opendnssec.org/mailman/listinfo/opendnssec-user
