Disable DNSSEC

Bill Owens owens at nysernet.org
Tue Jan 7 16:27:49 UTC 2014


On Tue, Jan 07, 2014 at 04:24:31PM +0000, Eric Davis wrote:
> So I guess my DS record has the same TTL as my default TTL for my records?  My default is 8 hours, so if I wait 8 hours after I remove the DS from my parent zone then I should be ok?  My parent zone is a TLD(.edu).

The DS record is in the parent zone (.edu) and it has a one-day TTL:

;; AUTHORITY SECTION:
rockefeller.edu.    172800  IN  NS  r2d2.rockefeller.edu.
rockefeller.edu.    172800  IN  NS  rockyd.rockefeller.edu.
rockefeller.edu.    86400   IN  DS  40486 5 1 954F779D591F011288CAD43D64D96EA543E0D3E5
rockefeller.edu.    86400   IN  RRSIG   DS 8 2 86400 20140113054536 20140106043536 20750 edu. 0XmRgd7FPG56t7etP2dK0W9gvVVm5oJlaCXufHlWnLsPWwNcAGIEQBCp RxBicOFdPgmxvm1VV+IXq7W2qEKiFOchCgfqm9ugqQ7/DOR0DJW1edgI ZqUVLfMgp/VT1+6EXU+wGiR7D2rZs1xvyu82cMQCkBseiKVAJv2F35LK MSE=

Bill.


More information about the bind-users mailing list