Hi,
I'm trying to understand what exactly is wrong with DNSSEC for my
domain, penguinpee.nl, before contacting involved parties.
I recently (last weekend) moved the domain to a new registrar. The keys
are now managed by the registrar directly. At least I don't see an
option providing my own or additional keys in their web interface.
Moreover, I'm no longer running my own DNS server. :(
Previously, I could set my own BIND server as a primary server for my
domain and have the registrar use AXFR to update the secondaries.
The DNSViz analysis for the current situation:
https://dnsviz.net/d/penguinpee.nl/Y5oJSw/dnssec/
And from before the move:
https://dnsviz.net/d/penguinpee.nl/Yq3P8w/dnssec/
Verisign has one single complaint: No DS records found for penguinpee.nl
in the nl zone.
IIUC, the details for the DS record have to be provided by my new
registrar, so SIDN can add them.
-- Sandro
--
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from
this list
ISC funds the development of this software with paid support subscriptions.
Contact us at https://www.isc.org/contact/ for more information.
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
