[Opendnssec-user] Difference between BIND and ODS signed output
Jerry Lundström
jerry at opendnssec.org
Fri Oct 26 15:19:35 UTC 2012
Hi Jake,
Looks like a bug. Could you please report this to
http://issues.opendnssec.org (
https://wiki.opendnssec.org/display/DOCS/Reporting+bugs ) and include
all versions, OS info, logs and such. Also if you can run it with
Verbosity 6 and include those log it will help.
Cheers,
Jerry
/Jerry
On 26 okt 2012, at 17:03, elsif <jake at elsif.net> wrote:
> Unsigned zone:
> lac-megantic.qc.ca. IN NS ns1.com2media.ca.
> IN NS ns2.com2media.ca.
> ville.lac-megantic.qc.ca. IN NS ns1.com2media.ca.
> IN NS ns2.com2media.ca.
>
> Signed zone (ODS):
> lac-megantic.qc.ca. 86400 IN NS ns1.com2media.ca.
> lac-megantic.qc.ca. 86400 IN NS ns2.com2media.ca.
>
>
> Signed zone (BIND):
> lac-megantic.qc.ca. 86400 IN NS ns1.com2media.ca.
> 86400 IN NS ns2.com2media.ca.
> ville.lac-megantic.qc.ca. 86400 IN NS ns1.com2media.ca.
> 86400 IN NS ns2.com2media.ca.
>
> It appears ODS is ignoring the 4th level when the 3rd level exists (presumably this behaviour would be different if the NS RRset differs, but I've yet to confirm that).
>
> I didn't expect zones to disappear from the signed zone, in any case, and makes our post-signing validation checks fail.
>
> Can this be considered a bug?
>
> Thanks,
>
> -Jake
>
> _______________________________________________
> Opendnssec-user mailing list
> Opendnssec-user at lists.opendnssec.org
> https://lists.opendnssec.org/mailman/listinfo/opendnssec-user
More information about the Opendnssec-user
mailing list