[Opendnssec-user] Auditor failing to verify signatures which appear to be ok
Matthijs Mekking
matthijs at NLnetLabs.nl
Fri Mar 26 00:02:52 UTC 2010
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi Dave,
I'd like to know a little bit more about the system you are running on...
Thanks,
Matthijs
Dave Knight wrote:
> On 2010-03-18, at 11:58 AM, Alexd at nominet.org.uk wrote:
>
>>> I have to imagine that I am hitting a bug in the Auditor.
>> Yes!
>>
>> I will make sure I find a fix.
>>
>> FWIW, this behaviour does not occur in the trunk (soon to be 1.1) version of OpenDNSSEC (not due to changes in the auditor).
>>
>> Thanks for the report,
>
> Possibly useful data point...
>
> I was signing in-addr-servers.arpa with NSEC and SHA256 and the auditor didn't like it.
>
> I just created a new policy for NSEC3 and SHA256, signed the zone with that and the auditor likes it fine.
>
> dave_______________________________________________
> Opendnssec-user mailing list
> Opendnssec-user at lists.opendnssec.org
> https://lists.opendnssec.org/mailman/listinfo/opendnssec-user
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iQEcBAEBAgAGBQJLq/mqAAoJEA8yVCPsQCW5h8MH+wVWRHRklw1RHgJAnna7o8UP
339LnmWrKIYwXs//d/N4StYSp6D6QGlSMurqjxXE5CHxWfcYkHs7R0psnQzNEPix
fq3A7aopQlVpUxTuZIWjX42eBiqsMWgMpRzhaKrcqrAeaDOO0uIB+O6MUG9cwQWY
VPqutBCnTJ+ekPBHKZci0KjBFhA2jWEdj7dqFR00t8gDG2aLThLzPAutJtUrEfv6
YTqtMzaD/DfuldMI0iSTHG/pfA02K015PqRRENpML9jP+SJUxZhKI7zWSHB+X1tT
q8pJdxp1vlmlhE4xqUBV+6XkNqcPlboYTB/Hh1NBm6w4Hjbz1a+Zlsqq7xmArPI=
=YaI8
-----END PGP SIGNATURE-----
More information about the Opendnssec-user
mailing list