Stephane Bortzmeyer wrote:
There is nothing about key rollover, it seems? How do you handle it?
I don't.
(Well, for now the plan is to do it once a year by hand. Then, we'll see...)
Regards,
Eugene
signature.asc
Description: OpenPGP digital signature
On Tue, 2010-02-23 at 23:40 +0300, Eugene Crosser wrote:
(Well, for now the plan is to do it once a year by hand. Then, we'll see...)
For the record, NIST recommends to roll the ZSK every three months, and
the KSK every two years.
Thanks,
-- Nicholas
signature.asc
Description: This is a
Nicholas Wheeler wrote:
On Tue, 2010-02-23 at 23:40 +0300, Eugene Crosser wrote:
(Well, for now the plan is to do it once a year by hand. Then, we'll see...)
For the record, NIST recommends to roll the ZSK every three months, and
the KSK every two years.
And there are lots of other
On Tue, 23 Feb 2010, Alan Clegg wrote:
For the record, NIST recommends to roll the ZSK every three months, and
the KSK every two years.
And there are lots of other opinions on this timing as well.
Note that you cannot really talk about rolling key recommendations without
mentioning the key
Date: Tue, 23 Feb 2010 16:02:27 -0500
From: Alan Clegg acl...@isc.org
Sender: bind-users-bounces+oberman=es@lists.isc.org
Nicholas Wheeler wrote:
On Tue, 2010-02-23 at 23:40 +0300, Eugene Crosser wrote:
(Well, for now the plan is to do it once a year by hand. Then, we'll
see...)
5 matches
Mail list logo