DNSSEC external validation issues
Evan Hunt
each at isc.org
Sun Nov 13 01:22:19 UTC 2011
> The external zone has been signed using the Algorithm: 5 (RSASHA1):
> Here is the public key:
>
> bonsi.org. IN DNSKEY 257 3 5
> AwEAAeAzIIujd7iu+pGOhvSzHHkakbyVorVAeZC1IS9AIWL2jk4v8HWo
> fuHaAMfAJyBnnr+lIWnMWzZSkdI6ustf+z1WTC5Es9f+kFsLpljRTr8G
> cktr1XsbIPyZcfgbky5mrVU2qCaLmv9RhMyQHM2iNyyCXt8M/sefkpLo vt0LIdoL
It's not been published to the DNS yet:
$ dig +dnssec dnskey bonsi.org
; <<>> DiG 9.9.0b1 <<>> +dnssec dnskey bonsi.org
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 50834
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags: do; udp: 4096
;; QUESTION SECTION:
;bonsi.org. IN DNSKEY
;; Query time: 91 msec
;; SERVER: 192.168.18.1#53(192.168.18.1)
;; WHEN: Sat Nov 12 17:18:55 2011
;; MSG SIZE rcvd: 38
--
Evan Hunt -- each at isc.org
Internet Systems Consortium, Inc.
More information about the bind-users
mailing list