On 03/27/11 20:45, fakessh @ wrote: > That would be the key with id 47103 in your case. The one that has SEP > flag, the one that only signs DNSKEY records and not others. > Regards, > Torinthiel > http://www.mail-archive.com/bind-users@lists.isc.org/msg09107.html > > This is your word > > i reread the thread to fevrier > http://www.mail-archive.com/bind-users@lists.isc.org/msg09084.html > > Mark Andrews quote > Because there are already DLV records for the key in the DLV. > > ;; ANSWER SECTION: > fakessh.eu.dlv.isc.org. 3529 IN DLV 47103 3 2 > 68096942650C1DD89D5BE43A9EEA05BA9C20F09EDC55309F4F1CD348 4D8ED07B > fakessh.eu.dlv.isc.org. 3529 IN DLV 47103 3 1 > CFEA04C5B918359273D6BAC07AE7F2DF5225E357 > > > here i am Ok. Now, reread the current thread. At least three people in this thread only have identified and pinpointed the problem. Two of your nameservers, ns0.xname.org and ns2.xname.org do not support DNSSec right now. Unless you do something about this, possibilities include fixing them or dropping them from your authoritative servers, there's nothing anyone can help you. Your zone is NOT DNSSec enabled, and ISC's DLV registry correctly refuses to list it's keys. If you don't trust us, please go to http://dnsviz.net/d/fakessh.eu/dnssec/ or http://secspider.cs.ucla.edu/fakessh-eu--zone.html, probably your account in dlv.isc.org or any DNSSec debugger of your choice. I've really assumed that you've fixed issues that were pointed numerous times before asking for next steps.
Torinthiel
signature.asc
Description: OpenPGP digital signature
_______________________________________________ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
