[dns-operations] Org Dnskey TTL

Chris Thompson cet1 at cam.ac.uk
Tue Jul 7 20:17:21 UTC 2009

On Jun 18 2009, Dave Knight wrote:

>On 17-Jun-09, at 8:28 PM, Mark Andrews wrote:
>> 	Why still a low a ttl for DNSKEY?  I can understand for
>> 	negative responses but changes to DNSKEY would have to be
>> 	on the order of days anyway as that is what it takes to
>> 	change trust anchors.
>Our signer solution doesn't currently allow the TTL of these records  
>to be set individually, a fix for this is in the pipeline though.

So, how long is the pipeline? Currently the original TTL of these
DNSKEY RRs remains at 900 seconds.

Chris Thompson               University of Cambridge Computing Service,
Email: cet1 at ucs.cam.ac.uk    New Museums Site, Cambridge CB2 3QH,
Phone: +44 1223 334715       United Kingdom.

More information about the dns-operations mailing list