[Opendnssec-develop] Testing for RC3, found a new zone to test with

Rickard Bellgrim rickard.bellgrim at iis.se
Thu Jan 21 11:44:40 UTC 2010


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

> It looks like the trailing dots are already in the unsigned zone file,
> so from a ldns perspective that looks good.
>
> I tested it on my machine, and I did not get these errors.

Perhaps a problem related to my version of ruby (1.8.6) and dnsruby (1.42).

> I did get signature verification failure for the DNSKEY. It seems that
> if there is a DNSKEY with a different TTL than //Keys/TTL, it is
> assumed
> a different RRset. A fix is committed soon.

Do all of the DNSKEYs need to be in the same RRset? So the DNSKEY in the unsigned zone gets manipulated to have the same TTL as the ones created by OpenDNSSEC?

// Rickard

-----BEGIN PGP SIGNATURE-----
Version: 9.8.3 (Build 4028)
Charset: utf-8

wsBVAwUBS1g+KOCjgaNTdVjaAQjc1ggAjLndjYfHFdhOhTquK3b4OLcpeuP6K0xF
48MOUkpGpeMNelqxtWv4D9Mve3Rm8KwHH63dH6qJw3rjV+UWTUvrh8FkKxgmUANQ
1GIQHq86q7rAm7c8uaHgM38YxUnPIak1hy4oxTxf1ZY6MqCohN4FmvQ8RM9vSDvd
VKBJkBIOF3UQoxzcbBqqFXZtwv2gs1OaEyL7Csk8VKOjpvmaWhVY3Ab6C5mfmeM3
bvg+F1jRkrhWSk0+6waIHWQBSCLa7xgkxrzm0GkIPrDkab/oDWS7MckaDB3VTKz3
EnPnjYNtqCL77d30aG2DLjumqU5GME5azZdgEkaoPsV1ZBCcVSc/MA==
=zZB7
-----END PGP SIGNATURE-----


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opendnssec.org/pipermail/opendnssec-develop/attachments/20100121/98d39975/attachment.htm>


More information about the Opendnssec-develop mailing list