[Opendnssec-user] Re: Key tag miscalculation?
Paul Wouters
paul at cypherpunks.ca
Thu Jan 5 15:00:33 UTC 2012
On Thu, 5 Jan 2012, Paul Wouters wrote:
> Date: Thu, 5 Jan 2012 09:01:46
> From: Paul Wouters <paul at cypherpunks.ca>
> To: opendnssec-user at lists.opendnssec.org
> Subject: Key tag miscalculation?
>
> hacklab.to. 3600 IN DNSKEY 256 3 7 (
> BQEAAAABx40rbmkAmztlEyW1vfV9Rc4FJ9b+q4CAKka2
> Tpo2Fj/mEvD+5FX6oqgGLD78Tdyo8nSMTjCqOzFRIPFl
> fcHTg713tvQIV6SINjCK+s1LghW9LB07xXUj7Lsxv+rH
> Lxdj0Vm6lPbI4XUU2bP/snskSFjqz/8/Eg5wc3S70GTh
> t6c=
> ) ; key id = 50014
hacklab.to ZSK active 2012-01-20
14:45:24 AB SoftHSM
50012
As seen here, this was an operator error with the wrong --policy. I
thought all my keys were RSASHA1 but this key was RSASHA1-NSEC3.
Paul
More information about the Opendnssec-user
mailing list