On 28.06.2013 01:53, Sebastian Castro wrote:
On 28/06/13 03:15, Klaus Darilion wrote:
Hi!
Hi!,
When initiating a key rollover, OpenDNSSEC does not immediately use the
new key, but uses the PUBLISH state (at least for ksk) for some time
before activating the key (before "waiting for DS"),
How can I force ODS to immediately activate a new KSK and ZSK, without
these "pre-activate" phases?
Do you have a use case for that? Unless is the first publication of a
signed zone, you don't want to skip the PUBLISH phase.
In my case it is for testing, to speed up roll overs.
btw: is there somewhere a description of the possible key states and how
a key is used depending on its key state? I can't find it.
Thanks
Klaus
_______________________________________________
Opendnssec-user mailing list
[email protected]
https://lists.opendnssec.org/mailman/listinfo/opendnssec-user
