DNSSEC intervals

John john at klam.ca
Thu Jan 22 19:50:15 CET 2015

On 1/19/2015 7:21 AM, Carsten Strotmann wrote:
> Hello John,
> https://tools.ietf.org/html/rfc6781
> the standard "names" are in RFC 6781 
> <https://tools.ietf.org/html/rfc6781>

I read them both the draft, and the RFC. A little like eating saw dust, 
but if you want to make sure thinks are unambiguous  I suppose that's 

Why a formal period between "ready" and "active", surely if the 
publishing period is correctly chosen then a key is activated when 
ready. Similarly when a key has reach the end of its retirement and is 
dead, surely it should be removed from the system asap. The more junk 
there is lying around the greater the likely hood of error.

John Allen
we should be careful not to ascribe to malice what could equally be 
explained by incompetence.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4268 bytes
Desc: S/MIME Cryptographic Signature
URL: <https://mail.sys4.de/cgi-bin/mailman/private/dane-users/attachments/20150122/1aca8bf7/attachment.bin>

More information about the dane-users mailing list