upstream/bind9
1
0
Fork 0
mirror of https://github.com/isc-projects/bind9.git synced 2026-05-28 04:34:54 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

Restore text about sig validity and SOA expire

Browse source 
When `sig-validity-interval` was obsoleted, the text that the signature
validity interval should be multiples of the SOA expire interval was
removed. Restore this text to the description of the
`signatures-validity` option.
This commit is contained in:
Matthijs Mekking 2024-09-30 11:39:57 +02:00
parent 3304e1dc76
commit b09230004b
1 changed files with 4 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
doc/arm/reference.rst
View file

@ -6458,6 +6458,10 @@ keys
This indicates the validity period of an RRSIG record (subject to
inception offset and jitter). The default is ``P2W`` (2 weeks).
The :any:`signatures-validity` should be at least several multiples
of the SOA expire interval, to allow for reasonable interaction between
the various timer and expiry dates.
.. namedconf:statement:: signatures-validity-dnskey
:tags: dnssec
:short: Indicates the validity period of DNSKEY records.