[ Quoting Antti Ristimäki at 15:10 on January 9 in "[Opendnssec-user] PublishSafety def"... ] > Hi, > > I've been wondering whether the default value (3600s) for key > PublishSafety margin is too short. As OpenDNSSEC is usually used as a
Yes, it is... > I'm not 100% sure but IIRC there have been validation failures that have > been caused by the signer (not necessarily ODS) calculating too > optimistic pre-publication intervals without visibility to what is > actually available in public DNS. > > Any thoughts? Make it quite a bit longer, who cares, it's only one record. So a couple of days are maybe a week is much better IMO. grtz Miek
signature.asc
Description: Digital signature
_______________________________________________ Opendnssec-user mailing list [email protected] https://lists.opendnssec.org/mailman/listinfo/opendnssec-user
