The call to key_tracker.process_key_data have different parameters
in auditor.rb and partial_auditor.rb. If I remember correct, there was
a bug-fix that corrected the TTL used to verify key usage/state-
transitions. Howver, I don't think the fix made it info the partial
auditor.
In the 1.3-branch:
fgrep process_key_data auditor/lib/kasp_auditor/*auditor.rb
auditor/lib/kasp_auditor/auditor.rb:
@key_tracker.process_key_data(@keys, @keys_used, @soa.serial, @config.keys.ttl)
auditor/lib/kasp_auditor/partial_auditor.rb:
@key_tracker.process_key_data(@keys, @keys_used, @soa.serial, @config.soa.ttl)
The partial auditor still use the SOA TTL, not the DNSKEY TTL.
/ Göran Bengtson
Chalmers Univ. of Technology_______________________________________________
Opendnssec-user mailing list
[email protected]
https://lists.opendnssec.org/mailman/listinfo/opendnssec-user
