Disable DNSSEC
Bill Owens
owens at nysernet.org
Tue Jan 7 16:27:49 UTC 2014
On Tue, Jan 07, 2014 at 04:24:31PM +0000, Eric Davis wrote:
> So I guess my DS record has the same TTL as my default TTL for my records? My default is 8 hours, so if I wait 8 hours after I remove the DS from my parent zone then I should be ok? My parent zone is a TLD(.edu).
The DS record is in the parent zone (.edu) and it has a one-day TTL:
;; AUTHORITY SECTION:
rockefeller.edu. 172800 IN NS r2d2.rockefeller.edu.
rockefeller.edu. 172800 IN NS rockyd.rockefeller.edu.
rockefeller.edu. 86400 IN DS 40486 5 1 954F779D591F011288CAD43D64D96EA543E0D3E5
rockefeller.edu. 86400 IN RRSIG DS 8 2 86400 20140113054536 20140106043536 20750 edu. 0XmRgd7FPG56t7etP2dK0W9gvVVm5oJlaCXufHlWnLsPWwNcAGIEQBCp RxBicOFdPgmxvm1VV+IXq7W2qEKiFOchCgfqm9ugqQ7/DOR0DJW1edgI ZqUVLfMgp/VT1+6EXU+wGiR7D2rZs1xvyu82cMQCkBseiKVAJv2F35LK MSE=
Bill.
More information about the bind-users
mailing list