Self sign-up has been disabled due to increased spam activity. If you want to get access, please send an email to a project owner (preferred) or at gitlab(at)nic(dot)cz. We apologize for the inconvenience.
@@ -20,4 +20,10 @@ Edit: instead of policy enum (manual, zsk_auto, full_auto), we just use the same
...
@@ -20,4 +20,10 @@ Edit: instead of policy enum (manual, zsk_auto, full_auto), we just use the same
Idea:
Idea:
there is a proposal of a way to wake up a user-custom script in some cases, for now in case of KSK submittion.
there is a proposal of a way to wake up a user-custom script in some cases, for now in case of KSK submittion.
There will be another socket file which will be filled with a line when this event occurs. The script shall read this socket and with the line read, it can do whatever.
There will be another socket file which will be filled with a line when this event occurs. The script shall read this socket and with the line read, it can do whatever.
\ No newline at end of file
Design of shared KSK rollover:
It is difficult to design automatic rollover of a KSK shared between more zones. The key timers are shared, so all zones must make a consensus to allow a rollover step for this key. This is mostly to check the submittion (all zones must their parents' DS records updated), but also helps to determine which of the sharing zones performs the action.
It is creepy that during the "voting" in progress, the number of zones can decrease. In this case, Knot will not know if the zone removed voted already, or not. Solving this has to be thought of.