Commit 6b2fd402 authored by Committed by Matthijs Mekking
Jitter signatures times when adding dynamic records.
When doing regular signing expiry time is jittered to make sure that the re-signing times are not clumped together. This expands this behaviour to expiry times of dynamically added records. When incrementally re-signing a zone use the full jitter range if the server appears to have been offline for greater than 5 minutes otherwise use a small jitter range of 3600 seconds. This will stop the signatures becoming more clustered if the server has been off line for a significant period of time (> 5 minutes).
Showing with 62 additions and 14 deletions