RFC 2065: Domain Name System Security Extensions
RFC-Ref

TTL



... time to live but a security aware resolver will bound the TTL value it uses at the original signed value. Separately, signatures include a time signed and an ...
... possible to rely solely on the signature expiration as a substitute for the TTL, however, since the TTL is primarily a database ...
... signature expiration as a substitute for the TTL, however, since the TTL is primarily a database consistency ...
... consistency mechanism and, in any case, non-security aware servers that depend on TTL must still be supported. ...


... algorithm | labels |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                         original TTL                          |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| signature ...
... The "original TTL" field is included in the RDATA portion to avoid (1) authentication ...
... (1) authentication problems that caching servers would otherwise cause by decrementing the real TTL field and (2) security problems that unscrupulous servers could otherwise cause by manipulating the ...
... security problems that unscrupulous servers could otherwise cause by manipulating the real TTL field. This original TTL is protected by the signature ...
... that unscrupulous servers could otherwise cause by manipulating the real TTL field. This original TTL is protected by the signature while the current TTL ...
... TTL is protected by the signature while the current TTL field is not. ...
... NOTE: The "original TTL" must be restored into the covered RRs when the signature ...
... RRs for a particular type, name, and class must have the same TTL to start with. ...
... pointers), (2) all domain name letters set to lower case, and (3) the original TTL substituted for the current TTL. ...
... all domain name letters set to lower case, and (3) the original TTL substituted for the current TTL. ...
... originating server host, the owner name, class, TTL, and original TTL, are meaningless. The class ...
... class, TTL, and original TTL, are meaningless. The class and TTL fields ...
... and original TTL, are meaningless. The class and TTL fields SHOULD be zero. To conserve space, the owner name SHOULD be root ...
... Signature Expiration, TTLs, and Validity ...
... signatures have expired. Within that constraint, servers should continue to follow DNS TTL aging. Thus authoritative servers should continue to follow the zone refresh and ...
... refresh and expire parameters and a non-authoritative server should count down the TTL and discard RRs when the TTL is zero. In addition, when RRs ...
... the TTL and discard RRs when the TTL is zero. In addition, when RRs are transmitted in a query ...
... RRs are transmitted in a query response, the TTL should be trimmed so that current time plus the TTL does not extend beyond the signature ...
... query response, the TTL should be trimmed so that current time plus the TTL does not extend beyond the signature expiration time. Thus, in general, the TTL ...
... TTL does not extend beyond the signature expiration time. Thus, in general, the TTL on a transmitted RR would be ...
... The original TTL and algorithm fields appear as unsigned integers. ...
... If the original TTL, which applies to the type signed, is the same as the TTL of the SIG ...
... If the original TTL, which applies to the type signed, is the same as the TTL of the SIG RR itself, it may be omitted. The date field ...
... SIG RR itself, it may be omitted. The date field which follows it is larger than the maximum possible TTL so there is no ambiguity. ...


... off-line process that signs the zone (see Section 7.2). The NXT RR's TTL SHOULD not exceed the zone minimum TTL. ...
... NXT RR's TTL SHOULD not exceed the zone minimum TTL. ...


... signature lifetime be a small multiple of the TTL but not less than a reasonable re-signing interval. ...


