review comments

author Wouter Wijngaards <wouter@nlnetlabs.nl>

Fri, 20 Nov 2009 12:06:00 +0000 (12:06 +0000)

committer Wouter Wijngaards <wouter@nlnetlabs.nl>

Fri, 20 Nov 2009 12:06:00 +0000 (12:06 +0000)
author Wouter Wijngaards <wouter@nlnetlabs.nl>
Fri, 20 Nov 2009 12:06:00 +0000 (12:06 +0000)
committer Wouter Wijngaards <wouter@nlnetlabs.nl>
Fri, 20 Nov 2009 12:06:00 +0000 (12:06 +0000)
diff --git a/validator/autotrust.c b/validator/autotrust.c

index 2d97b0bff42818d1876d0c3868fce1927dfb6ad3..b81f048ee557c8a6cf3f6010097818d07f63313b 100644 (file)
--- a/validator/autotrust.c
+++ b/validator/autotrust.c
@@ -1439,6 +1439,9 @@ do_newkey(struct module_env* env, struct autr_ta* anchor, int* c)
  static void
  do_addtime(struct module_env* env, struct autr_ta* anchor, int* c)
  {
+       /* This not according to RFC, this is 30 days, but the RFC demands 
+        * MAX(30days, TTL expire time of first DNSKEY set with this key),
+        * The value may be too small if a very large TTL was used. */
         int exceeded = check_holddown(env, anchor, env->cfg->add_holddown);
         if (exceeded && anchor->s == AUTR_STATE_ADDPEND) {
                 verbose_key(anchor, VERB_ALGO, "add-holddown time exceeded "
author	Wouter Wijngaards <wouter@nlnetlabs.nl>
	Fri, 20 Nov 2009 12:06:00 +0000 (12:06 +0000)
committer	Wouter Wijngaards <wouter@nlnetlabs.nl>
	Fri, 20 Nov 2009 12:06:00 +0000 (12:06 +0000)