[Opendnssec-user] auditor bug: NSEC includes SSHFP which is not in rrsets for git.foo.com.
paul at nohats.ca
Wed Feb 8 19:14:48 UTC 2012
On Wed, 8 Feb 2012, Matthijs Mekking wrote:
> Hi Paul,
> I just tried it with my own zone, but the signer does not include the
> SSHFP RRtype in the NSEC and so the auditor has nothing to complain about.
> Which version are you using?
It might work with other records too. Try using an MX record, then
changing the entry to CNAME and removing the MX.
More information about the Opendnssec-user