[Pdns-dev] ecdsa256 keys bug

James Cloos cloos at jhcloos.com
Fri Jan 27 12:35:38 CET 2012


  :; pdnssec add-zone-key example.net zsk ecdsa256

I get:

  :; pdnssec show-zone example.net

  Zone has hashed NSEC3 semantics, configuration: 1 1 1 ab
  Zone is not presigned
  ... [ previous keys elided ] ...
  ID = 888 (ZSK), tag = 8888, algo = 8, bits = 256        Active: 0


  :; dig @localhost example.net. dnskey +tcp  
  ... [ other data elided ] ...
  example.net.           3600    IN      DNSKEY  256 3 8 AAA=

(I've confirmed that the dig results I elided match the previous ksk
and zsk keys I also elided.  Those previous keys are algo=8 and are
reported correcly as such.)

(The ID, tag and name were changed to protect the innocent. :)

I also tried using gost, but that errored out as unrecognized.

I'm currently running the version in debian sid:


James Cloos <cloos at jhcloos.com>         OpenPGP: 1024D/ED7DAEA6

More information about the Pdns-dev mailing list