diff --git a/DnsServerCore/www/index.html b/DnsServerCore/www/index.html index 6fe1efc9..d0da8152 100644 --- a/DnsServerCore/www/index.html +++ b/DnsServerCore/www/index.html @@ -2500,7 +2500,7 @@ ns1.example.com ([2001:db8::]) - + @@ -2800,7 +2800,7 @@ ns1.example.com ([2001:db8::]) -
+
@@ -2811,55 +2811,57 @@ ns1.example.com ([2001:db8::])
-
- -
-
- -
-
- -
-
- +
+
+ +
+
+ +
+
+ +
+
+ +
-
-
- -
- +
+ +
+ +
-
-
- -
- +
+ +
+ +
-
-
- -
- +
+ +
+ +
-
-
- -
- +
+ +
+ +
@@ -3191,7 +3193,7 @@ ns1.example.com ([2001:db8::])
-

WARNING! Unsigning the zone without removing all DS records from its parent zone will cause recursive resolvers to mark the zone as bogus and fail to resolve it.

+

WARNING! Unsigning the zone without removing all DS records from its parent zone will cause DNSSEC validating recursive resolvers to mark the zone as bogus and fail to resolve it.

WARNING! Make sure that you have removed all of the DS records from the parent zone and sufficient time has passed before unsigning this zone. You MUST wait for at least the number of seconds specified by the DS record's TTL value to elapse before unsigning the zone to ensure that all recursive resolvers would have expired the DS records from its cache. For example, if you have DS records at the parent zone with TTL value set to 86400 seconds then you must wait for 86400 seconds (24 hours) to pass after you delete the DS records from the parent zone. Once you have ensured that you have waited for the appropriate time then you can unsign the zone safely.