Hi Daniel! > -----Ursprüngliche Nachricht----- > Von: Daniel Stirnimann <daniel.stirnim...@switch.ch> > Gesendet: Montag, 3. Mai 2021 11:27 > An: Klaus Darilion <klaus.daril...@nic.at>; Pdns- > us...@mailman.powerdns.com > Betreff: Re: [Pdns-users] DNSSEC Algorithm Rollover Documentation > > Hello Klaus, > > The DNSSEC Operational Practices (RFC 6781) documents this in chapter > 4.1.4 Algorithm Rollovers: > https://tools.ietf.org/html/rfc6781#section-4.1.4 > > The document mentions both a conservative and a liberal approach.
Thanks - the description of the conservative approach makes clear why the "published" column in PDNS was introduced: I guess active=1 and publish=0 means that RRSIG will be produced but the key itself is not published as DNSKEY. regards Klaus _______________________________________________ Pdns-users mailing list Pdns-users@mailman.powerdns.com https://mailman.powerdns.com/mailman/listinfo/pdns-users
