[Pdns-users] DS record: Algorithm and data inconsistent?
Peter Thomassen
peter at desec.io
Tue May 19 12:39:29 UTC 2015
Hi,
I am trying to publish DS records for desec.io with the .io registry.
Upon entering the DS records in their web interface, I get the
following error:
> The Algorithm and data do not match in your DS record
I am surprised, because the records are from pdnssec show-zone:
# pdnssec show-zone desec.io
Zone is not presigned
Zone has hashed NSEC3 semantics, configuration: 1 0 10 fa73040f3a2a2b29
keys:
ID = 28 (KSK), tag = 6454, algo = 8, bits = 2048 Active: 1 ( RSASHA256 )
KSK DNSKEY = desec.io IN DNSKEY 257 3 8
AwEAAcw5QLr0IjC0wKbGoBPQv4qmeqHy9mvL5qGQTuaG5TSrNqEAR6b/qvxDx6my4JmEmjUPA1JeEI9YfTUieMr2UZflu7aIbZFLw0vqiYrywCGrCHXLalOrEOmrvAxLvq4vHtuTlH7JIszzYBSes8g1vle6KG7xXiP3U5Ll96Qiu6bZ31rlMQSPB20xbqJJh6psNSrQs41QvdcXAej+K2Hl1Wd8kPriec4AgiBEh8sk5Pp8W9ROLQ7PcbqqttFaW2m7N/Wy4qcFU13roWKDEAstbxH5CHPoBfZSbIwK4KM6BK/uDHpSPIbiOvOCW+lvu9TAiZPc0oysY6aslO7jXv16Gws=
; ( RSASHA256 )
DS = desec.io IN DS 6454 8 1 24396e17e36d031f71c354b06a979a67a01f503e ;
( SHA1 digest )
DS = desec.io IN DS 6454 8 2
5cba665a006f6487625c6218522f09bd3673c25fa10f25cb18459aa10df1f520 ; (
SHA256 digest )
DS = desec.io IN DS 6454 8 3
d0fdc4ab1e4f65740bc42432e7e991faac873f546e023057533fb16ce7a8dc45 ; (
GOST R 34.11-94 digest )
DS = desec.io IN DS 6454 8 4
38edfe972014bb081e4f5d72078e268a69bafa6b61013eeaaa1f805c936d79a4e12bb22d9a25f7a034b77e4700da8a5e
; ( SHA-384 digest )
ID = 29 (ZSK), tag = 32110, algo = 8, bits = 1024 Active: 1 ( RSASHA256 )
I really would appreciate if you could help me fix this problem.
Thanks,
Peter
--
OpenPGP Key: 0x3EF22D2F
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <http://mailman.powerdns.com/pipermail/pdns-users/attachments/20150519/92046139/attachment.sig>
More information about the Pdns-users
mailing list