I've been looking at the BIND 9.6.0a1 distribution for details of the
automatic re-signing facilities. The "NSEC3-NOTES" file gives an overview
("it just happens") and the updated ARM tersely mentions a number of new
options/zone parameters
sig-re-signing-interval number ;
sig-signing-nodes number ;
sig-signing-signatures number ;
sig-signing-type number ;
but is there anything more detailed that I have missed? (Maybe I have
to read the code :-)) I'm particularly concerned with how the SOA serial
is maintained, and what IXFRs look like, and how the "signing-type" is
used.
--
Chris Thompson
Email: [EMAIL PROTECTED]
