GitLab now enforces expiry dates on tokens that originally had no set expiration date. Those tokens were given an expiration date of one year later. Please review your personal access tokens, project access tokens, and group access tokens to ensure you are aware of upcoming expirations. Administrators of GitLab can find more information on how to identify and mitigate interruption in our documentation.
Admin message
Self sign-up has been disabled due to increased spam activity. If you want to get access, please send an email to a project owner (preferred) or at gitlab(at)nic(dot)cz. We apologize for the inconvenience.
@@ -5,18 +5,41 @@ from knot_resolver_manager.utils import SchemaNode
classTrustAnchorFileSchema(SchemaNode):
"""
Trust-anchor zonefile configuration.
---
file: Path to the zonefile that stores trust-anchors.
read_only: Blocks zonefile updates according to RFC 5011.
"""
file:str
read_only:bool=False
classDnssecSchema(SchemaNode):
"""
DNSSEC configuration.
---
trust_anchor_sentinel: Allows users of DNSSEC validating resolver to detect which root keys are configured in resolver's chain of trust. (RFC 8509)
trust_anchor_signal_query: Signaling Trust Anchor Knowledge in DNSSEC Using Key Tag Query, according to (RFC 8145#section-5).
time_skew_detection: Detection of difference between local system time and expiration time bounds in DNSSEC signatures for '. NS' records.
keep_removed: How many removed keys should be held in history (and key file) before being purged.
refresh_time: Force trust-anchors to be updated every defined time periodically instead of relying on (RFC 5011) logic and TTLs. Intended only for testing purposes.
hold_down_time: Modify hold-down timer (RFC 5011). Intended only for testing purposes.
trust_anchors: List of trust-anchors in DS/DNSKEY records format.
negative_trust_anchors: List of domain names representing negative trust-anchors. (RFC 7646)
trust_anchors_files: List of zonefiles where trust-anchors are stored.
