mir/bind
2
0
Fork 0
mirror of https://gitlab.isc.org/isc-projects/bind9 synced 2025-08-31 14:35:26 +00:00
Code Issues Releases Wiki Activity
Files
ab0bf492035c01687dfff8f546b78ac30739348c
bind/doc/misc/dnssec-policy.default.conf
Matthijs Mekking a25f49f153 Make 'parent-registration-delay' obsolete 
With the introduction of 'checkds', the 'parent-registration-delay'
option becomes obsolete.
2020-08-07 11:26:09 +02:00

25 lines
429 B
Plaintext
Raw Blame History

dnssec-policy "default" {
// Keys
keys {
csk key-directory lifetime unlimited algorithm 13;
};
// Key timings
dnskey-ttl 3600;
publish-safety 1h;
retire-safety 1h;
// Signature timings
signatures-refresh 5d;
signatures-validity 14d;
signatures-validity-dnskey 14d;
// Zone parameters
max-zone-ttl 86400;
zone-propagation-delay 300;
// Parent parameters
parent-ds-ttl 86400;
parent-propagation-delay 1h;
};
Reference in New Issue View Git Blame Copy Permalink