[DNSSEC] Resolver behavior with broken DS records
'Stephane Bortzmeyer'
bortzmeyer at nic.fr
Mon May 9 11:45:36 UTC 2011
On Mon, May 09, 2011 at 01:00:03PM +0200,
Marc Lampo <marc.lampo at eurid.eu> wrote
a message of 47 lines which said:
> 1 correct DS record,
> 1 DS record, correct in everything but the algorithm
And one DS record hashed with SHA-1 and one hashed with SHA-2? This
was necessary to trigger the problem, because of RFC 4509, section 3
(SHA-1 records are ignored if SHA-2 ones are present).
More information about the bind-users
mailing list