* Yuri Schaeffer <[email protected]> [2015-07-28 10:03]:
> > Is this expected behavior when changing policies? The keys for
> > policy 'lab' and 'default' have the same algorithms and key
> > lengths.
>
> Yes it is. Keys are tight to policies.
Hello Yuri, thank you for your answer.
So would it be okay to change timing/ttl parameters in the policy
itself?
> > When adding the zone I noticed that no keys were generated for the
> > zone:
>
> OpenDNSSEC pre-generates keys for later use. Likely a formerly
> generated but unused key was still available.
But the keylist was empty (there are no other zones in the zonelist at
the moment) and the zone was not signed at all.
Regards
Sebastian
--
GPG Key: 0x93A0B9CE (F4F6 B1A3 866B 26E9 450A 9D82 58A2 D94A 93A0 B9CE)
'Are you Death?' ... IT'S THE SCYTHE, ISN'T IT? PEOPLE ALWAYS NOTICE THE SCYTHE.
-- Terry Pratchett, The Fifth Elephant
_______________________________________________
Opendnssec-user mailing list
[email protected]
https://lists.opendnssec.org/mailman/listinfo/opendnssec-user
