A total +1000, really really cool.
I’m sharing along.
On 21 Jun 2017, at 13:42, Richard Lamb wrote:
Yes. Very very cool.. Thank you. -Rick
-----Original Message-----
From: [email protected] [mailto:dnssec-
[email protected]] On Behalf Of Wessels, Duane
Sent: Wednesday, June 21, 2017 7:15 AM
To: Roland van Rijswijk - Deij <[email protected]>
Cc: Willem Toorop <[email protected]>; DNSSEC deployment <dnssec-
[email protected]>
Subject: Re: [Dnssec-deployment] Online DS and signing algorithm test
Roland,
The algorithm test is really great. Thanks for developing and
running that!
DW
On Jun 21, 2017, at 3:46 AM, Roland van Rijswijk - Deij
<[email protected]> wrote:
Hi all,
As some of you may have picked up at the last ICANN DNSSEC workshop
or
at DNS OARC, we've started a project to track the impact of the Root
KSK rollover over the coming months (dubbed the "Root Canary"
project,
see also https://rootcanary.org for rudimentary info).
As a spin-off of this project, NLnet Labs and SURFnet have set up an
online test that determines which DS and signing algorithms the
resolver(s) configured on your system support. You can find the test
here:
https://rootcanary.org/test.html
The test includes 4 DS algorithms (SHA1, SHA256, SHA512, GOST) and
all
signing algorithms. It does not do a full NSEC vs. NSEC3 test, as we
assume that NSEC3 support likely also means NSEC is supported.
Feedback/suggestions are of course welcome :-), please contact me
and/or Willem Toorop at NLnet Labs.
Cheers,
Roland
--
-- Roland M. van Rijswijk - Deij
-- SURFnet bv
-- w: http://www.surf.nl/en/about-surf/subsidiaries/surfnet
-- e: [email protected]
