dnssec-policy neater configuration
Evan:
I fear it will be confusing to have two options called
zone-max-ttl
indnssec-policy
andmax-zone-ttl
inzone
that do the exact same thing, and suggest we rename the former to the latter for consistency's sake before 9.16.0.
Also:
- Allow for "lifetime unlimited" as a synonym for "lifetime PT0S"
- Make "key-directory" optional.
- Warn if key lengths do not make sense.
- Document that PT0S (duration of 0 seconds) is infinite key lifetime
- minor typo: should be "of" not "or" in: "Like max-zone-ttl, specifies the maximum permissible TTL value in seconds. When loading a zone file using a masterfile-format or text or raw,"
Edited by Evan Hunt