> Perhaps I didn't express myself clearly. I don't claim this is due to the > ldns bug. > But the zone that was affected by the ldns bug didn't get a working key > rollover (it happened during the time OpenDNSSEC was affected by the ldns > bug), so the auditor haven't let it thru since then (because the pre-pulished > key state was not seen by the auditor). > After that, I noticed the SOA datecounter acceleration in OpenDNSSEC...
Ok, so the Auditor will fail each new signed zone. The Signer Engine will then retry, thus also increasing the SOA serial. Correct me if I am wrong here, Matthijs. The odd thing here is that it does not increment with 1, but with 397. // Rickard _______________________________________________ Opendnssec-user mailing list [email protected] https://lists.opendnssec.org/mailman/listinfo/opendnssec-user
