[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Root and ARPA DNSSEC operational message -- signature validity period
- Subject: Root and ARPA DNSSEC operational message -- signature validity period
- From: dwessels at verisign.com (Wessels, Duane)
- Date: Tue, 30 Aug 2016 21:32:53 +0000
DNSSEC signatures in the Root and ARPA zones are currently given a validity
period of 10 days. The validity period is being increased to 13 days, per
the recommendations of RSSAC's Report on Root Zone TTLs  (aka RSSAC003).
Note that we are not aware of any cases where the 10-day signature validity
period has caused problems for DNSSEC validators. This is a precautionary
measure designed to accommodate a worst-case scenario.
This change will be implemented on September 6, 2016. Please feel free
to contact us at RZM at verisign.com with concerns or questions, and to forward
this notice to others who may not have already received it.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 495 bytes
Desc: Message signed with OpenPGP using GPGMail