Re: Root and ARPA DNSSEC operational message -- signature validity period

FYI, this work is now complete. DW > On Aug 30, 2016, at 2:32 PM, Wessels, Duane wrote: > > DNSSEC signatures in the Root and ARPA zones are currently given a validity > period of 10 days. The validity period is being increased to 13 days, per > the recommendations of RSSAC's Report on Root Z

Root and ARPA DNSSEC operational message -- signature validity period

DNSSEC signatures in the Root and ARPA zones are currently given a validity period of 10 days. The validity period is being increased to 13 days, per the recommendations of RSSAC's Report on Root Zone TTLs [1] (aka RSSAC003). Note that we are not aware of any cases where the 10-day signature vali

Root and ARPA DNSSEC operational message - signature validity period

DNSSEC signatures in the Root and ARPA zones were initially given a validity period of 7 days. The validity period is being increased to 10 days. Both the Root and ARPA zones publish their NS RRsets with a TTL of 6 days. A signature validity period of 7 days means that a root server instance that