Error to validate the signature of a SIG(0) transaction...

Jim Reid jim at
Thu Jan 13 15:47:02 UTC 2005

>>>>> "Manuel" == Manuel Gil Perez <manuel at> writes:

    Manuel> Jim, I'd like to add a reliable RSA public key in the
    Manuel> server but DNSSec can only store keys in DNSKEY
    Manuel> format. How can I convert a key from RSA to DNSKEY for
    Manuel> storing it like reliable for the server??

I don't understand the question or what you mean by a "reliable" RSA
public key. The DNSSEC-related RFCs and drafts document the text and
wire format of the keys. If you've got some other RSA key from
somewhere else, you'll need to figure out for yourself how to
translate that into DNSKEY or KEY RRtypes. [After all, only you will
know the format of that original RSA key.] Perhaps there's something
in the OpenSSL tookit that can help?

More information about the bind-users mailing list