blank.gif (43 bytes)

Church Of The
Swimming Elephant

Search:
4.4 Signature Expiration, TTLs, and Validity Connected: An Internet Encyclopedia
4.4 Signature Expiration, TTLs, and Validity

Up: Connected: An Internet Encyclopedia
Up: Requests For Comments
Up: RFC 2065
Up: 4. The SIG Resource Record
Prev: 4.3 Processing Responses and SIG RRs
Next: 4.5 File Representation of SIG RRs

4.4 Signature Expiration, TTLs, and Validity

4.4 Signature Expiration, TTLs, and Validity

Security aware servers must not consider SIG RRs to authenticate anything after their expiration time and not consider any RR to be authenticated after its signatures have expired. Within that constraint, servers should continue to follow DNS TTL aging. Thus authoritative servers should continue to follow the zone refresh and expire parameters and a non-authoritative server should count down the TTL and discard RRs when the TTL is zero. In addition, when RRs are transmitted in a query response, the TTL should be trimmed so that current time plus the TTL does not extend beyond the signature expiration time. Thus, in general, the TTL on an transmitted RR would be

         min(sigExpTim,max(zoneMinTTL,min(originalTTL,currentTTL)))


Next: 4.5 File Representation of SIG RRs

Connected: An Internet Encyclopedia
4.4 Signature Expiration, TTLs, and Validity

Cotse.Net

Protect yourself from cyberstalkers, identity thieves, and those who would snoop on you.
Stop spam from invading your inbox without losing the mail you want. We give you more control over your e-mail than any other service.
Block popups, ads, and malicious scripts while you surf the net through our anonymous proxies.
Participate in Usenet, host your web files, easily send anonymous messages, and more, much more.
All private, all encrypted, all secure, all in an easy to use service, and all for only $5.95 a month!

Service Details

 
.
www.cotse.com
Have you gone to church today?
.
All pages ©1999, 2000, 2001, 2002, 2003 Church of the Swimming Elephant unless otherwise stated
Church of the Swimming Elephant©1999, 2000, 2001, 2002, 2003 Cotse.com.
Cotse.com is a wholly owned subsidiary of Packetderm, LLC.

Packetderm, LLC
210 Park Ave #308
Worcester, MA 01609