[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Root and ARPA DNSSEC operational message -- signature validity period

Subject: Root and ARPA DNSSEC operational message -- signature validity period
From: dwessels at verisign.com (Wessels, Duane)
Date: Tue, 6 Sep 2016 21:33:01 +0000
In-reply-to: <[email protected]>
References: <[email protected]>

FYI, this work is now complete.

DW


> On Aug 30, 2016, at 2:32 PM, Wessels, Duane <dwessels at verisign.com> wrote:
> 
> DNSSEC signatures in the Root and ARPA zones are currently given a validity
> period of 10 days.  The validity period is being increased to 13 days, per
> the recommendations of RSSAC's Report on Root Zone TTLs [1] (aka RSSAC003).
> 
> Note that we are not aware of any cases where the 10-day signature validity
> period has caused problems for DNSSEC validators.  This is a precautionary
> measure designed to accommodate a worst-case scenario.
> 
> This change will be implemented on September 6, 2016.  Please feel free
> to contact us at RZM at verisign.com with concerns or questions, and to forward
> this notice to others who may not have already received it.
> 
> [1] https://www.icann.org/en/system/files/files/rssac-003-root-zone-ttls-21aug15-en.pdf
> 
> DW
> 

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 495 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20160906/b5f059c1/attachment.pgp>

Prev by Date: HUAWEI S6700 - VLANIF MAC ADDRESS
Next by Date: Outdoor ADSL2+/VDSL/G.Fast NIU
Previous by thread: HUAWEI S6700 - VLANIF MAC ADDRESS
Next by thread: Security Track @ NANOG 68 Call for Participation
Index(es):
- Date
- Thread