[Pdns-dev] DS RRs do not validate
bert hubert
bert.hubert at netherlabs.nl
Sat Apr 23 10:01:43 CEST 2011
On Fri, Apr 22, 2011 at 05:53:21PM -0400, James Cloos wrote:
> I followed the instructions in the wiki, but the DS RRs which pdnssec
> show-zone reports do not work.
Thanks for testing!
Maybe something else is going on. Can you show 'pdnssec show-zone
jhcloos.us'? It only shows public keying material.
If you use the 'dig' command line suggested by the wiki, which verifies
using the plain DNSKEY and not the DS, does that work?
> You can try lookups for jhcloos.us. (SOA, MX and NS RRs exist) with
> the anchor:
>
> jhcloos.us IN DS 23900 8 2 4713604b388fd3310c1cc7e01f43e0a8dc56f7b2d69de77ed5a72a5d627bf517
I'll see what I can find by querying it.
Bert
More information about the Pdns-dev
mailing list