[Opendnssec-develop] Re: [OpenDNSSEC] #69: OpenDNSSEC + DLV (isc.org)

OpenDNSSEC owner-dnssec-trac at kirei.se
Tue Jan 5 10:34:10 UTC 2010


#69: OpenDNSSEC + DLV (isc.org)
------------------------------------+---------------------------------------
Reporter:  archi.laurent@…          |       Owner:  rb                        
    Type:  defect                   |      Status:  new                       
Priority:  trivial                  |   Component:  Unknown                   
 Version:  trunk                    |    Keywords:  OpenDNSSEC + DLV (isc.org)
------------------------------------+---------------------------------------

Comment(by rb):

 Hello

 Yeah, OpenDNSSEC is now considered stable.

 Could you give some background information? Are trying to upload DNSKEYs
 from your zone to dlv.isc.org? Do you have DNSKEYs in your zone if you
 check your signed zone?

 Use:
 dig yourzone.com DNSKEY

 Do you follow their instructions to have extra TXT RR?
 https://dlv.isc.org/about/requirements

 They support RSASHA1, DSA, NSEC3-RSASHA1-SHA1, and NSEC3-DSA-SHA1. But we
 also handles RSASHA256 and RSASHA512

 So both dlv.isc.org and OpenDNSSEC handles NSEC3.

 As long as you can sign your zone, there is no problem with OpenDNSSEC.
 DLV is something that is handled by the resolver and in your case
 dlv.isc.org.

 Are you using a TLD that is not using DNSSEC?

-- 
Ticket URL: <http://trac.opendnssec.org/ticket/69#comment:1>
OpenDNSSEC <http://www.opendnssec.org/>
OpenDNSSEC


More information about the Opendnssec-develop mailing list