From: Wouter Wijngaards <wouter@nlnetlabs.nl>
Date: Fri, 15 Jun 2012 12:25:29 +0000 (+0000)
Subject: - The key-cache bad key ttl is now 60 seconds.
X-Git-Tag: release-1.4.18rc1~38
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=06a3f735d712dad367ed7233b4e9ae2950611243;p=thirdparty%2Funbound.git

- The key-cache bad key ttl is now 60 seconds.


git-svn-id: file:///svn/unbound/trunk@2685 be551aaa-1e26-0410-a405-d3ace91eadb9
---

diff --git a/doc/Changelog b/doc/Changelog
index ca4478665..79e2cdc7d 100644
--- a/doc/Changelog
+++ b/doc/Changelog
@@ -1,6 +1,9 @@
+15 June 2012: Wouter
+	- implement log-time-ascii on windows.
+	- The key-cache bad key ttl is now 60 seconds.
+
 11 June 2012: Wouter
 	- bug #452: fix crash on assert in mesh_state_attachment.
-	- implement log-time-ascii on windows.
 
 30 May 2012: Wouter
 	- silence warning from swig-generated code (md set but not used in
diff --git a/validator/validator.h b/validator/validator.h
index 18e905efc..1a29c161b 100644
--- a/validator/validator.h
+++ b/validator/validator.h
@@ -56,13 +56,13 @@ struct config_strlist;
  * will be primed no more often than this interval.  Used when harden-
  * dnssec-stripped is off and the trust anchor fails.
  */
-#define NULL_KEY_TTL	900 /* seconds */
+#define NULL_KEY_TTL	60 /* seconds */
 
 /**
  * TTL for bogus key entries.  When a DS or DNSKEY fails in the chain of
  * trust the entire zone for that name is blacked out for this TTL.
  */
-#define BOGUS_KEY_TTL	900 /* seconds */
+#define BOGUS_KEY_TTL	60 /* seconds */
 
 /** max number of query restarts, number of IPs to probe */
 #define VAL_MAX_RESTART_COUNT 5