Task #2187
open
remove RRs on name server when the DSK which signs those RRs are removed.
Added by Shock Jiang about 10 years ago.
Updated over 9 years ago.
Description
For every RR on name server, a DSK is used to sign it. When the DSK is removed, the related RRs should be removed
- Assignee changed from Shock Jiang to Jiewen Tan
- Target version set to 0.1
- Status changed from New to In Progress
I propose that this function should be optional whether to remove all related RRs when removing an ID-CERT RR.
In that case that to update a ID-CERT RR to a new version (same public key, new version), admin may remove it first then add a new one.
Thus, those related RR is not supposed to be removed.
Shock Jiang wrote:
I propose that this function should be optional whether to remove all related RRs when removing an ID-CERT RR.
In that case that to update a ID-CERT RR to a new version (same public key, new version), admin may remove it first then add a new one.
Thus, those related RR is not supposed to be removed.
I suggest that this change should not be related to the original ndns-remove-rr tool. It is possible to later on craft a specific tool to handle this. Or add another mode into the ndns-remove-rr tool. I actually question whether this functionality is needed at this stage.
Also suggest to have a tool/option that list all RRs signed by a given cert.
- Assignee changed from Jiewen Tan to Shock Jiang
Also available in: Atom
PDF
Updated by 
Updated by