f211c05990
Having a value higher than signatures-validity does not make sense
and should be treated as a configuration error.
(cherry picked from commit c3d8932f79)
28 lines
696 B
Plaintext
28 lines
696 B
Plaintext
/*
|
|
* Copyright (C) Internet Systems Consortium, Inc. ("ISC")
|
|
*
|
|
* SPDX-License-Identifier: MPL-2.0
|
|
*
|
|
* This Source Code Form is subject to the terms of the Mozilla Public
|
|
* License, v. 2.0. If a copy of the MPL was not distributed with this
|
|
* file, you can obtain one at https://mozilla.org/MPL/2.0/.
|
|
*
|
|
* See the COPYRIGHT file distributed with this work for additional
|
|
* information regarding copyright ownership.
|
|
*/
|
|
|
|
/*
|
|
* The dnssec-policy jitter is more than signatures-validity,
|
|
* which is not allowed.
|
|
*/
|
|
dnssec-policy high-jitter {
|
|
signatures-jitter P8DT1S;
|
|
signatures-validity P8D;
|
|
};
|
|
|
|
zone "example.net" {
|
|
type primary;
|
|
file "example.db";
|
|
dnssec-policy high-jitter;
|
|
};
|