git.ipfire.org Git - thirdparty/bind9.git/commit

author	Matthijs Mekking <matthijs@isc.org>
	Tue, 7 Apr 2020 13:51:43 +0000 (15:51 +0200)
committer	Matthijs Mekking <matthijs@isc.org>
	Tue, 7 Apr 2020 13:51:43 +0000 (15:51 +0200)
commit	04e67110290dd0fa1157a32dfca04af4f8f8f4c0
tree	eb1ef4e5e047b285ebb5b858252a5d89bc981ecd	tree \| snapshot
parent	8d3c0156f45cf3d6e8a43a121c2d87440e9bf750	commit \| diff

Increase migrate.kasp DNSKEY TTL

Increate the DNSKEY TTL of the migrate.kasp zone for the following
reason:  The key states are initialized depending on the timing
metadata. If a key is present long enough in the zone it will be
initialized to OMNIPRESENT.  Long enough here is the time when it
was published (when the setup script was run) plus DNSKEY TTL.
Otherwise it is set to RUMOURED, or to HIDDEN if no timing metadata
is set or the time is still in the future.

Since the TTL is "only" 5 minutes, the DNSKEY state may be
initialized to OMNIPRESENT if the test is slow, but we expect it
to be in RUMOURED state.  If we increase the TTL to a couple of
hours it is very unlikely that it will be initialized to something
else than RUMOURED.

bin/tests/system/kasp/ns6/policies/kasp.conf		diff \| blob \| blame \| history
bin/tests/system/kasp/ns6/setup.sh		diff \| blob \| blame \| history
bin/tests/system/kasp/tests.sh		diff \| blob \| blame \| history