Task #2187
open
remove RRs on name server when the DSK which signs those RRs are removed.
Added by Shock Jiang over 10 years ago.
Updated about 10 years ago.
Description
For every RR on name server, a DSK is used to sign it. When the DSK is removed, the related RRs should be removed
- Assignee changed from Shock Jiang to Jiewen Tan
- Target version set to 0.1
- Status changed from New to In Progress
I propose that this function should be optional whether to remove all related RRs when removing an ID-CERT RR.
In that case that to update a ID-CERT RR to a new version (same public key, new version), admin may remove it first then add a new one.
Thus, those related RR is not supposed to be removed.
Shock Jiang wrote:
I propose that this function should be optional whether to remove all related RRs when removing an ID-CERT RR.
In that case that to update a ID-CERT RR to a new version (same public key, new version), admin may remove it first then add a new one.
Thus, those related RR is not supposed to be removed.
I suggest that this change should not be related to the original ndns-remove-rr tool. It is possible to later on craft a specific tool to handle this. Or add another mode into the ndns-remove-rr tool. I actually question whether this functionality is needed at this stage.
Also suggest to have a tool/option that list all RRs signed by a given cert.
- Assignee changed from Jiewen Tan to Shock Jiang
Also available in: Atom
PDF
Updated by 
Updated by