I have a question about the serial number as modified by inline signing. I have a static zone, adi.com, that I am setting up for dnssec. I added inline-signing yes; key-directory "dnssec"; auto-dnssec maintain; to my named.conf file after generating the keys and then did a rndc restart. After that I did a rndc signing -nsec3param 1 0 10 aef7db3a adi.com to switch to nsec3. Checking the resulting serial number, I find that it is 2013120423. The serial number in the static zone file is 2013120400. Why did it bump it up to 23? I expected something like 02.
Tom Schulz Applied Dynamics Intl. sch...@adi.com _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users