[dns-operations] Quick analysis of TLD SOA's
Gilles Massen
gilles.massen at restena.lu
Wed Jul 13 18:49:34 UTC 2011
On 13/7/11 17:03 , Jake Zack wrote:
> ...I understand large expire times (.CA's was set to 1 week, but as of
> next zone publish (11:00am EDT) will become 40 days due to this
> analysis)...but I'm wondering why some TLD's have opted for incredibly
> short (<1day) expire times. Any thoughts on this?
Rickard Bellgrim did a nice analysis on SOA Expire vs. Signature Refresh
interval, with the result that .SE lowered their expire time. This is
something that obviously was not on the radar when most SOA
recommendations were written.
See also:
http://dnssec-deployment.org/pipermail/dnssec-deployment/2011-April/004918.html
Best,
Gilles
More information about the dns-operations
mailing list