Skip to content

dnssec-policy neater configuration

Evan Hunt requested to merge each-max-zone-ttl into master

Evan:

I fear it will be confusing to have two options called zone-max-ttl in dnssec-policy and max-zone-ttl in zone that do the exact same thing, and suggest we rename the former to the latter for consistency's sake before 9.16.0.

Also:

  • Allow for "lifetime unlimited" as a synonym for "lifetime PT0S"
  • Make "key-directory" optional.
  • Warn if key lengths do not make sense.
  • Document that PT0S (duration of 0 seconds) is infinite key lifetime
  • minor typo: should be "of" not "or" in: "Like max-zone-ttl, specifies the maximum permissible TTL value in seconds. When loading a zone file using a masterfile-format or text or raw,"
Edited by Evan Hunt

Merge request reports