Project

General

Profile

Actions

Task #2187

open

remove RRs on name server when the DSK which signs those RRs are removed.

Added by Shock Jiang almost 10 years ago. Updated over 9 years ago.

Status:
In Progress
Priority:
Normal
Assignee:
Target version:
Start date:
11/15/2014
Due date:
% Done:

0%

Estimated time:

Description

For every RR on name server, a DSK is used to sign it. When the DSK is removed, the related RRs should be removed

Actions #1

Updated by Shock Jiang almost 10 years ago

  • Assignee changed from Shock Jiang to Jiewen Tan
Actions #2

Updated by Shock Jiang almost 10 years ago

  • Target version set to 0.1
Actions #3

Updated by Jiewen Tan over 9 years ago

  • Status changed from New to In Progress
Actions #4

Updated by Shock Jiang over 9 years ago

I propose that this function should be optional whether to remove all related RRs when removing an ID-CERT RR.
In that case that to update a ID-CERT RR to a new version (same public key, new version), admin may remove it first then add a new one.
Thus, those related RR is not supposed to be removed.

Actions #5

Updated by Jiewen Tan over 9 years ago

Shock Jiang wrote:

I propose that this function should be optional whether to remove all related RRs when removing an ID-CERT RR.
In that case that to update a ID-CERT RR to a new version (same public key, new version), admin may remove it first then add a new one.
Thus, those related RR is not supposed to be removed.

I suggest that this change should not be related to the original ndns-remove-rr tool. It is possible to later on craft a specific tool to handle this. Or add another mode into the ndns-remove-rr tool. I actually question whether this functionality is needed at this stage.

Actions #6

Updated by Shock Jiang over 9 years ago

Also suggest to have a tool/option that list all RRs signed by a given cert.

Actions #7

Updated by Jiewen Tan over 9 years ago

  • Assignee changed from Jiewen Tan to Shock Jiang
Actions

Also available in: Atom PDF