I have a question about the serial number as modified by inline signing.
I have a static zone, adi.com, that I am setting up for dnssec. I added
        inline-signing yes;
        key-directory "dnssec";
        auto-dnssec maintain;
to my named.conf file after generating the keys and then did a rndc restart.
After that I did a
rndc signing -nsec3param 1 0 10 aef7db3a adi.com
to switch to nsec3. Checking the resulting serial number, I find that it is
2013120423. The serial number in the static zone file is 2013120400.
Why did it bump it up to 23? I expected something like 02.

Tom Schulz
Applied Dynamics Intl.
sch...@adi.com
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Reply via email to