[dns-operations] Org Dnskey TTL

Andrew Sullivan ajs at shinkuro.com
Tue Apr 20 13:59:41 UTC 2010


On Tue, Apr 20, 2010 at 03:45:10PM +0200, Phil Regnauld wrote:
> 
> 	That's a valid observation of the popularity of a given zone, but not to
> 	be confused with a protocol requirement.

Sorry, I guess I wasn't clear enough.  The question was whether the
short TTL causes operational effects.  The answer was no, but maybe as
there were more zones signed under .org there would be because the
.org key would need to be fetched more often.  Certainly, that key
will need to be fetched more often than otherwise if many child zones
are signed and validators do bottom-up validation.  If just about
every validator ends up going top-down, then there will be no effect
(as Mark suggested), because validation will just stop at org for
unsigned zones (but in any case, the key will have to be fetched after
the TTL).

A

-- 
Andrew Sullivan
ajs at shinkuro.com
Shinkuro, Inc.



More information about the dns-operations mailing list