Michael Grimm <[email protected]> wrote: > after reading the documentation and manual pages I do have difficulties in > understanding the complete process of a manual ZSK rollover intervention when > all rollovers are normally performed automatically. […] > But how does one continue when one wants to speed up the remaining process of > publication and retirement? I couldn't find specific parameters in the > documentation to override those in kasp.xml. Does one need to modify the > relevant timing settings in kasp.xml, instead?
Well I did add another policy to my kasp.xml in order to test a 'speedy' policy. All of my zones have been part of the 'default' policy in kasp.xml, sofar. Now I do not understand how one would modify the policy of one of my zones (XYZ) from 'default' to 'speedy'? According the ods-enforcer manual page only the following relevant options exist (if I am not mistaken): | ods-enforcer zone list | add | delete Does one use 'ods-enforcer zone add --zone XYZ --policy speedy' instead? (I didn't try that without fully understanding the implications, yet.) I could achieve a modification via zonelist.xml (which has been empty before): 1) zonelist export 2) manually modify the policy of the XYZ zone entry 3) zonelist import BUT, according https://wiki.opendnssec.org/display/DOCS20/zonelist.xml | Its use is discouraged. So, how does one modify zone's policies the proper way? Thanks and with kind regards, Michael _______________________________________________ Opendnssec-user mailing list [email protected] https://lists.opendnssec.org/mailman/listinfo/opendnssec-user
