mir/bind
2
0
Fork 0
mirror of https://gitlab.isc.org/isc-projects/bind9 synced 2025-09-01 06:55:30 +00:00
Code Issues Releases Wiki Activity

Update signatures-refresh documentation

Browse Source 
Mention in the ARM the new restriction about signatures-refresh.
This commit is contained in:
Matthijs Mekking
2022-05-06 16:56:13 +02:00
parent 82fd89107f
commit 74d2e7704f
1 changed files with 3 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
doc/arm/reference.rst
View File

@@ -5351,7 +5351,9 @@ The following options can be specified in a ``dnssec-policy`` statement:
refreshed. The signature is renewed when the time until the refreshed. The signature is renewed when the time until the
expiration time is less than the specified interval. The default is expiration time is less than the specified interval. The default is
``P5D`` (5 days), meaning signatures that expire in 5 days or sooner ``P5D`` (5 days), meaning signatures that expire in 5 days or sooner
are refreshed. are refreshed. The ``signatures-refresh`` value must be less than
90% of the minimum value of ``signatures-validity`` and
``signatures-validity-dnskey``.
``signatures-validity`` ``signatures-validity``
This indicates the validity period of an RRSIG record (subject to This indicates the validity period of an RRSIG record (subject to