Public bug reported: Binary package hint: dnsutils
I'm trying to validate my DNSSEC zone signatures using dig. To do this I need to use the +sigchase flag to dig. When I do so, this is what I see: toccata% dig +sigchase +dnssec DS fugue.se. Invalid option: +sigchase Usage: dig [EMAIL PROTECTED] [domain] [q-type] [q-class] {q-opt} {global-d-opt} host [EMAIL PROTECTED] {local-d-opt} [ host [EMAIL PROTECTED] {local-d-opt} [...]] Use "dig -h" (or "dig -h | more") for complete list of options toccata% I think what's going on here is that dig has not been compiled with the -DDIG_SIGCHASE option. Given all the excitement recently with Dan Kaminsky's DNS bug, I think the ability to check DNSSEC signatures is now a requirement, not something that should be optional. Dig is a debugging tool for DNS administrators, and in order for us to debug our DNSSEC installations, we need dig to be able to verify signatures. toccata% lsb_release -rd Description: Ubuntu 8.04.1 Release: 8.04 toccata% apt-cache policy dnsutils dnsutils: Installed: 1:9.4.2-10ubuntu0.1 Candidate: 1:9.4.2-10ubuntu0.1 Version table: *** 1:9.4.2-10ubuntu0.1 0 500 http://us.archive.ubuntu.com hardy-updates/main Packages 500 http://security.ubuntu.com hardy-security/main Packages 100 /var/lib/dpkg/status 1:9.4.2-10 0 500 http://us.archive.ubuntu.com hardy/main Packages toccata% ** Affects: bind9 (Ubuntu) Importance: Undecided Status: New -- dig compiled without -DDIG_SIGCHASE! https://bugs.launchpad.net/bugs/257682 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to bind9 in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs