Project

General

Profile

Task #2187

remove RRs on name server when the DSK which signs those RRs are removed.

Added by Shock Jiang about 6 years ago. Updated almost 6 years ago.

Status:
In Progress
Priority:
Normal
Assignee:
Target version:
Start date:
11/15/2014
Due date:
% Done:

0%

Estimated time:

Description

For every RR on name server, a DSK is used to sign it. When the DSK is removed, the related RRs should be removed

#1

Updated by Shock Jiang about 6 years ago

  • Assignee changed from Shock Jiang to Jiewen Tan
#2

Updated by Shock Jiang about 6 years ago

  • Target version set to 0.1
#3

Updated by Jiewen Tan almost 6 years ago

  • Status changed from New to In Progress
#4

Updated by Shock Jiang almost 6 years ago

I propose that this function should be optional whether to remove all related RRs when removing an ID-CERT RR.
In that case that to update a ID-CERT RR to a new version (same public key, new version), admin may remove it first then add a new one.
Thus, those related RR is not supposed to be removed.

#5

Updated by Jiewen Tan almost 6 years ago

Shock Jiang wrote:

I propose that this function should be optional whether to remove all related RRs when removing an ID-CERT RR.
In that case that to update a ID-CERT RR to a new version (same public key, new version), admin may remove it first then add a new one.
Thus, those related RR is not supposed to be removed.

I suggest that this change should not be related to the original ndns-remove-rr tool. It is possible to later on craft a specific tool to handle this. Or add another mode into the ndns-remove-rr tool. I actually question whether this functionality is needed at this stage.

#6

Updated by Shock Jiang almost 6 years ago

Also suggest to have a tool/option that list all RRs signed by a given cert.

#7

Updated by Jiewen Tan almost 6 years ago

  • Assignee changed from Jiewen Tan to Shock Jiang

Also available in: Atom PDF