[Pdns-users] Sending up public dnssec key to registry thru EPP

Pieter Lexis pieter.lexis at powerdns.com
Thu Nov 30 17:09:26 UTC 2017

Hi Daniel,

Pushing this back to the mailing list, please send replies there.

On Thu, 30 Nov 2017 17:22:15 +0100
Daniel Eriksson <daniel at egensajt.se> wrote:

> Thanks for your reply!
> I tried now with egenblog.se correctly and with the DNSKEY instead but I 
> think it's like you are saying, it might be that
> IIS registry is refreshed its zones only  every 3 hours and the update 
> has not passed yet. I will wait and see!
> One question, if it's corrcect to send up the DNSKEY, are theese the 
> correct values of keytag, alg, digesttype and digest?
> <secDNS:keyTag>27425</secDNS:keyTag><secDNS:alg>13</secDNS:alg><secDNS:digestType>2</secDNS:digestType><secDNS:digest>6TPW2LtkyHxnp6seozCgy30K1de6VyjdhRj9bojnM2lnEx7mp27A0nGs/tEoIOL4zD/I34gppG0+8WCvZbUmlA==</secDNS:digest>

Digest and digesttype make no sense when sending the DNSKEY (only the DS records have this).
I have very little experience with EPP so I can't really help here.
I suggest grabbing the EPP documentation for the .se registry to see what they expect and allow.

Best regards,


Pieter Lexis
PowerDNS.COM BV -- https://www.powerdns.com

More information about the Pdns-users mailing list