TTL of NSEC3PARAM RR
fujiwara at wide.ad.jp
Tue Jan 25 06:45:42 UTC 2011
Why does BIND 9 set the TTL of NSEC3PARAM RR to zero ?
dnssec-signzone sets TTL of NSEC3PARAM RR to 0.
"update add zone 3600 IN NSEC3PARAM 1 1 10 001122334455" adds
NSEC3PARAM RR with TTL 0.
# I know that the TTL of NSEC3PARAM RR is trivial.
# RFC 5155 describes NSEC3PARAM RR is not used for validation.
# But RFC 5155 does not describe the TTL of NSEC3PARAM RR.
I don't have any opinion and request for TTL of NSEC3PARAM.
I only want to know the reason.
LDNS and OpenDNSSEC seem to set TTL of NSEC3PARAM to 3600.
Kazunori Fujiwara, JPRS
More information about the bind-users