On 12/29/2010 3:37 AM, Marc Lampo wrote:
> However, we now found the following case :
> 1) registrar offers us DNSKEY information with algorithm 7 :
> RSASHA1-NSEC3-SHA1
> 2) in the zone file, there are NSEC (and not NSEC3) records
This is not an error.
The only reason for there being "different
What was the observed behaviour in your test system?
>From a sanity point of view and if you are checking the zone prior to
accepting the DNSKEY, then I see nothing wrong in rejecting it. There are
already other restrictions on domains in .EU that establish a precedent for
being more demanding on
Hello,
And my best whishes for the new year 2011 !
May we have lots of interesting questions, where we all can learn from ;-)
(hope my question is also in that category ...)
As .eu top level domain we try to avoid inserting DS records in our zone
where corresponding DNSKEY information is missing
3 matches
Mail list logo