Re: How to measure the impact of enabling DNSSEC?

> > I am concerned by your last statement..."I debating going to a longer > lifetime KSK". Keys don't expire. Signatures expire, and a set of > keys > in use can re-sign the data with new expiration dates without a key > roll. The idea that keys expire seems very common and leads to > unneeded fa

Re: How to measure the impact of enabling DNSSEC?

On Fri, Jan 25, 2013 at 2:57 PM, Lawrence K. Chen, P.Eng. wrote: > > > - Original Message - >> On Wed, Jan 23, 2013 at 11:38 AM, Augie Schwer >> wrote: >> > >> > On Tue, Jan 22, 2013 at 2:32 PM, Mark Andrews >> > wrote: >> >> >> >> >> >> In message >> >> , >> >> Augie >> >> Schwer wri >>

Re: rndc addzone|delzone: some questions

Evan, On Sun Jan 27 2013 at 00:10:28 CET, Evan Hunt wrote: > Delzone just means delete the zone from named, not delete the zone file > from the filesystem. (And I reckon we can do a good deal more harm by > deleting files you wanted to keep than by leaving files for you to delete > yourself...)