Merge branch 'dnssec-resign-early' into 'master'
DNSSEC: signatures refreshing Included changes: * The signatures are now refreshed (signature_lifetime / 10) seconds before their expiration. The default signature lifetime is 30 days, therefore the signatures are refreshed 3 days before their expiration. * The parameter 'expires_at' in signing functions was renamed to 'refresh_at', as the name was misleading. * The signing policy structure was cleaned and helper functions were added. * DNSSEC event logging was changed from relative to absolute value, because the intervals are much longer now.
Showing with 194 additions and 160 deletions