My earlier post described altering the format and included the file
that anchors2keys would work with.
Kal Feher
On 17/07/2010, at 23:46, "Stephane Bortzmeyer"
wrote:
On Fri, Jul 16, 2010 at 01:57:05PM +,
ALAIN AINA wrote
a message of 20 lines which said:
https://itar.iana.org/i
On Fri, Jul 16, 2010 at 01:57:05PM +,
ALAIN AINA wrote
a message of 20 lines which said:
> https://itar.iana.org/instructions/
It does not work, it was only for ITAR and the published Trust Anchor
uses a different format:
% ./anchors2keys -v root-anchors.xml
No DNSKEYs found, quitting
T
On Jul 16, 2010, at 1:43 PM, Stephane Bortzmeyer wrote:
> On Fri, Jul 16, 2010 at 03:00:11PM +0200,
> Kalman Feher wrote
> a message of 85 lines which said:
>
>> anchors2keys worked fine so long as the format was correct so...
>
> I didn't know this tool. Where can we find it? Google does not
On Fri, Jul 16, 2010 at 03:00:11PM +0200,
Kalman Feher wrote
a message of 85 lines which said:
> anchors2keys worked fine so long as the format was correct so...
I didn't know this tool. Where can we find it? Google does not know.
___
bind-users ma
As a once off I did the following last night. (yes I know the DNSKEY would
have been fine too). anchors2keys worked fine so long as the format was
correct so...
I just cut and pasted the content of :
https://data.iana.org/root-anchors/root-anchors.xml
Zone to delegation, algorithm, digest type and
On Fri, Jul 16, 2010 at 06:16:13PM +0900,
Kazunori Fujiwara wrote
a message of 25 lines which said:
> You can check root DNSKEY RR and root-anchors.xml
> using dig and dnssec-dsfromkey.
Good idea and here is a Makefile and a XSLT script which automates the
whole thing. Bug reports welcome.
K
> From: Hauke Lampe
> http://data.iana.org/root-anchors/root-anchors.xml
> http://data.iana.org/root-anchors/root-anchors.asc
>
> The XML file contains a DS hash of the root KSK, but BIND needs a public key
> in the managed-keys clause.
>
> Are there any tools to retrieve the DNSKEY and validat
Greetings, everyone.
Now that the signed root is finally in production, how do I initialize BIND's
RFC5011 key management from the XML file published by IANA?
I downloaded the files and checked the PGP signature:
http://data.iana.org/root-anchors/root-anchors.xml
http://data.iana.org/root-anch
8 matches
Mail list logo