[#2173] updated documentation

author Razvan Becheriu <razvan@isc.org>

Wed, 10 Nov 2021 09:24:47 +0000 (11:24 +0200)

committer Razvan Becheriu <razvan@isc.org>

Wed, 10 Nov 2021 14:15:18 +0000 (14:15 +0000)
author Razvan Becheriu <razvan@isc.org>
Wed, 10 Nov 2021 09:24:47 +0000 (11:24 +0200)
committer Razvan Becheriu <razvan@isc.org>
Wed, 10 Nov 2021 14:15:18 +0000 (14:15 +0000)
diff --git a/doc/sphinx/arm/ext-gss-tsig.rst b/doc/sphinx/arm/ext-gss-tsig.rst

index a390ae70fc2dea44ef1cbbbbf5411e9c5aaeb697..0d3bbde5614e4a41c88504d4c82901253d2f3fab 100644 (file)
--- a/doc/sphinx/arm/ext-gss-tsig.rst
+++ b/doc/sphinx/arm/ext-gss-tsig.rst
@@ -451,8 +451,8 @@ After a shared secret key is generated and put in a key table file:
  The ``dhcp.keytab`` takes the same usage as for Unix Kerberos.
  
  
-GSS troubleshooting
-~~~~~~~~~~~~~~~~~~~
+GSS-TSIG Troubleshooting
+~~~~~~~~~~~~~~~~~~~~~~~~
  
  While testing GSS-TSIG integration with Active Directory we came across
  one very cryptic error:
@@ -817,6 +817,14 @@ The server map parameters are described below:
  
  - ``comment`` is allowed but currently ignored.
  
+
+GSS-TSIG Automatic Key Removal
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+The server will periodically delete keys which expired more than 3 times the
+maximum key lifetime.
+
+
  GSS-TSIG Configuration for Deployment
  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
author	Razvan Becheriu <razvan@isc.org>
	Wed, 10 Nov 2021 09:24:47 +0000 (11:24 +0200)
committer	Razvan Becheriu <razvan@isc.org>
	Wed, 10 Nov 2021 14:15:18 +0000 (14:15 +0000)