On Tue, 8 Sep 2009, Stephane Bortzmeyer wrote: [added [email protected] to the reply]
Subject: [Unbound-users] .PR servfails with Unbound but not with BIND
% dig SOA pr.
I get the key through DLV.
It's outdated and wrong and missing the new key. On Aug 19 2009, pr added this key:
PR. IN DNSKEY 257 3 5 AwEAAeDPv9lQ7Ej5Ld9Fz/FKLhdOajwtEXsWykj65ugIa4Di1nY6ti9n
dkeR4kp1aSNlvf6N7KsjunfMJj4SccBwcY77DrxmQ+g9nI09ePMZvxF2 U63Lv9BftGaIguYdkYZVSwHd1q7DdXqNkLaD4tZEHiN0h/3wBdTQUPH1 IoskD1vGxiPw2egftk6sVQdvOJWaAgSpmG0eq+/e90WVTNX4/xhA17Pr dQQJIheZQ3+EsDoil8kyJZC12KoHYpFklx7+aCiR2u8Fumy6ARFR4PP0 n7bnBaKOgMpVzz+KI79a3USDkj9RhNog50iSWgaBM75Xu0IBNEpcCVYZ YjwDESgiDXc= And on Sep 4 2009, pr removed this keys: < PR. IN DNSKEY 257 3 5 AwEAAc6SkFSHw00wJFUWd1Td/efsxhfX+UTrxrzqQXNuZ8Qj2PiP6p/m BxysJt06XgSCB41CPhkgvgqrtdaJ/hXKG81xNXUcGfqvV9wYMJnN+oBB /lLaQU/39fWaNc4fBGiRI2dNDVKPry2YX6y04YrEGRM+wf6HWHVdW1Js xuMuDOSr
% dig DLV pr.dlv.isc.org.
;; ANSWER SECTION: pr.dlv.isc.org. 3255 IN DLV 62704 5 2 57E017A982196D194B3F52CDD39F86A9A33DED75064F285A9242BA7A 448A659C pr.dlv.isc.org. 3255 IN DLV 62704 5 1 AFA72CB11D4C97657D82338AF6D569ED614166EB
These are the old key, and that DLV record should be removed. The new DLV record should be: pr.dlv.isc.org. IN DLV 6277 5 2 6966580bb25c608540e8224039561c7b2a1488d1f927c5cdbd137f4ef3d31528 pr.dlv.isc.org. IN DLV 6277 5 1 05d02dce8385974d958a5db409f6ff3658293b2 I guess we need a MUCH better communication method between TLD's, iTAR and ISC's DLV. This is bad. Paul _______________________________________________ DNSOP mailing list [email protected] https://www.ietf.org/mailman/listinfo/dnsop
