Re: How do I get from IANA's root-anchors.xml to managed-keys{}?

My earlier post described altering the format and included the file that anchors2keys would work with. Kal Feher On 17/07/2010, at 23:46, "Stephane Bortzmeyer" wrote: On Fri, Jul 16, 2010 at 01:57:05PM +, ALAIN AINA wrote a message of 20 lines which said: https://itar.iana.org/i

Re: How do I get from IANA's root-anchors.xml to managed-keys{}?

On Fri, Jul 16, 2010 at 01:57:05PM +, ALAIN AINA wrote a message of 20 lines which said: > https://itar.iana.org/instructions/ It does not work, it was only for ITAR and the published Trust Anchor uses a different format: % ./anchors2keys -v root-anchors.xml No DNSKEYs found, quitting T

Re: How do I get from IANA's root-anchors.xml to managed-keys{}?

On Jul 16, 2010, at 1:43 PM, Stephane Bortzmeyer wrote: > On Fri, Jul 16, 2010 at 03:00:11PM +0200, > Kalman Feher wrote > a message of 85 lines which said: > >> anchors2keys worked fine so long as the format was correct so... > > I didn't know this tool. Where can we find it? Google does not

Re: How do I get from IANA's root-anchors.xml to managed-keys{}?

On Fri, Jul 16, 2010 at 03:00:11PM +0200, Kalman Feher wrote a message of 85 lines which said: > anchors2keys worked fine so long as the format was correct so... I didn't know this tool. Where can we find it? Google does not know. ___ bind-users ma

Re: How do I get from IANA's root-anchors.xml to managed-keys{}?

As a once off I did the following last night. (yes I know the DNSKEY would have been fine too). anchors2keys worked fine so long as the format was correct so... I just cut and pasted the content of : https://data.iana.org/root-anchors/root-anchors.xml Zone to delegation, algorithm, digest type and

Re: How do I get from IANA's root-anchors.xml to managed-keys{}?

On Fri, Jul 16, 2010 at 06:16:13PM +0900, Kazunori Fujiwara wrote a message of 25 lines which said: > You can check root DNSKEY RR and root-anchors.xml > using dig and dnssec-dsfromkey. Good idea and here is a Makefile and a XSLT script which automates the whole thing. Bug reports welcome. K

Re: How do I get from IANA's root-anchors.xml to managed-keys{}?

> From: Hauke Lampe > http://data.iana.org/root-anchors/root-anchors.xml > http://data.iana.org/root-anchors/root-anchors.asc > > The XML file contains a DS hash of the root KSK, but BIND needs a public key > in the managed-keys clause. > > Are there any tools to retrieve the DNSKEY and validat

How do I get from IANA's root-anchors.xml to managed-keys{}?

Greetings, everyone. Now that the signed root is finally in production, how do I initialize BIND's RFC5011 key management from the XML file published by IANA? I downloaded the files and checked the PGP signature: http://data.iana.org/root-anchors/root-anchors.xml http://data.iana.org/root-anch