[Opendnssec-user] Re: DNSSEC zone pre-deployment checks

Stephane Bortzmeyer bortzmeyer at nic.fr
Fri Mar 25 11:45:55 UTC 2011


On Fri, Mar 25, 2011 at 11:55:02AM +0100,
 Carsten Strotmann (Men & Mice) <carsten.strotmann at menandmice.com> wrote 
 a message of 88 lines which said:

> * Signatures

Check that all signatures are valid (BIND's TYPE65534 bug modified the
NSEC3 record without changing its signature, thus rendering it
invalid). Warning: it takes crypto time.



More information about the Opendnssec-user mailing list