problem for validate the script dnssec to isc dlv

Thu Mar 24 23:38:48 UTC 2011

In message <1301008426.12273.115.camel at localhost.localdomain>, "fakessh @" writes:
> it is 6 months since I used no worries dlv

What keys do you have recorded with dlv.isc.org?
Do they match what you currently have in the zone?

Click on ManageZones
Click on (details)
Under More click on (details)

Below is a check run for my personal zone with all the details.
You will notice that only one of the DNSKEYs (which is what I
submitted to the registry) is accepted.  The other, a zone signing
key, is filtered out.

Unfortunately I don't have a manger bit set on this account so I
can't see your zone and hence can't see the keys you have submitted.

Mark

0.000:INFO Started: Thu Mar 24 20:36:08 +0000 2011
0.000:DEBUG RUN: Sending a recursive query for andrews.wattle.id.au NS
0.832:DEBUG RUN: Got response for recursive query andrews.wattle.id.au NS NOERROR
0.832:DEBUG RUN: Got referral
0.839:DEBUG RUN: andrews.wattle.id.au. 300 IN NS ns0.rfc1035.com.
0.839:DEBUG RUN: andrews.wattle.id.au. 300 IN NS sfba.sns-pb.isc.org.
0.839:DEBUG RUN: andrews.wattle.id.au. 300 IN NS ns2.araneus.fi.
0.839:DEBUG RUN: andrews.wattle.id.au. 300 IN NS ord.sns-pb.isc.org.
0.839:DEBUG RUN: andrews.wattle.id.au. 300 IN NS ams.sns-pb.isc.org.
0.839:DEBUG RUN GET_ADDRESSES: Sending a recursive query for ns0.rfc1035.com A
0.849:DEBUG RUN GET_ADDRESSES: Got response for recursive query ns0.rfc1035.com A NOERROR
0.849:DEBUG RUN GET_ADDRESSES: Sending a recursive query for ns0.rfc1035.com AAAA
0.854:DEBUG RUN GET_ADDRESSES: Got response for recursive query ns0.rfc1035.com AAAA NOERROR
0.855:DEBUG RUN GET_ADDRESSES: Caching address for ns0.rfc1035.com => 93.186.33.42, 2001:4B10:100:7::53
0.857:DEBUG RUN: Enqueued query 1 to 93.186.33.42 for andrews.wattle.id.au DNSKEY
0.859:DEBUG RUN: Enqueued query 2 to 2001:4B10:100:7::53 for andrews.wattle.id.au DNSKEY
0.860:DEBUG RUN GET_ADDRESSES: Sending a recursive query for sfba.sns-pb.isc.org A
0.918:DEBUG RUN GET_ADDRESSES: Got response for recursive query sfba.sns-pb.isc.org A NOERROR
0.918:DEBUG RUN GET_ADDRESSES: Sending a recursive query for sfba.sns-pb.isc.org AAAA
1.093:DEBUG RUN GET_ADDRESSES: Got response for recursive query sfba.sns-pb.isc.org AAAA NOERROR
1.094:DEBUG RUN GET_ADDRESSES: Caching address for sfba.sns-pb.isc.org => 149.20.64.3, 2001:4F8:0:2::19
1.096:DEBUG RUN: Enqueued query 3 to 149.20.64.3 for andrews.wattle.id.au DNSKEY
1.099:DEBUG RUN: Enqueued query 4 to 2001:4F8:0:2::19 for andrews.wattle.id.au DNSKEY
1.099:DEBUG RUN GET_ADDRESSES: Sending a recursive query for ns2.araneus.fi A
1.144:DEBUG RUN GET_ADDRESSES: Got response for recursive query ns2.araneus.fi A NOERROR
1.144:DEBUG RUN GET_ADDRESSES: Sending a recursive query for ns2.araneus.fi AAAA
1.148:DEBUG RUN GET_ADDRESSES: Got response for recursive query ns2.araneus.fi AAAA NOERROR
1.148:DEBUG RUN GET_ADDRESSES: Caching address for ns2.araneus.fi => 83.246.72.252
1.150:DEBUG RUN: Enqueued query 5 to 83.246.72.252 for andrews.wattle.id.au DNSKEY
1.150:DEBUG RUN GET_ADDRESSES: Sending a recursive query for ord.sns-pb.isc.org A
1.232:DEBUG RUN GET_ADDRESSES: Got response for recursive query ord.sns-pb.isc.org A NOERROR
1.233:DEBUG RUN GET_ADDRESSES: Sending a recursive query for ord.sns-pb.isc.org AAAA
1.240:DEBUG RUN GET_ADDRESSES: Got response for recursive query ord.sns-pb.isc.org AAAA NOERROR
1.241:DEBUG RUN GET_ADDRESSES: Caching address for ord.sns-pb.isc.org => 199.6.0.30, 2001:500:71::30
1.243:DEBUG RUN: Enqueued query 6 to 199.6.0.30 for andrews.wattle.id.au DNSKEY
1.246:DEBUG RUN: Enqueued query 7 to 2001:500:71::30 for andrews.wattle.id.au DNSKEY
1.246:DEBUG RUN GET_ADDRESSES: Sending a recursive query for ams.sns-pb.isc.org A
1.362:DEBUG RUN GET_ADDRESSES: Got response for recursive query ams.sns-pb.isc.org A NOERROR
1.363:DEBUG RUN GET_ADDRESSES: Sending a recursive query for ams.sns-pb.isc.org AAAA
1.371:DEBUG RUN GET_ADDRESSES: Got response for recursive query ams.sns-pb.isc.org AAAA NOERROR
1.371:DEBUG RUN GET_ADDRESSES: Caching address for ams.sns-pb.isc.org => 199.6.1.30, 2001:500:60::30
1.374:DEBUG RUN: Enqueued query 8 to 199.6.1.30 for andrews.wattle.id.au DNSKEY
1.376:DEBUG RUN: Enqueued query 9 to 2001:500:60::30 for andrews.wattle.id.au DNSKEY
1.376:DEBUG RUN: Got activity for 2, from 2001:4B10:100:7::53
1.376:DEBUG RUN: Found answer from 2001:4B10:100:7::53
1.380:DEBUG RUN: Got activity for 1, from 93.186.33.42
1.381:DEBUG RUN: Found answer from 93.186.33.42
1.384:DEBUG RUN: Got activity for 3, from 149.20.64.3
1.384:DEBUG RUN: Found answer from 149.20.64.3
1.388:DEBUG RUN: Got activity for 4, from 2001:4F8:0:2::19
1.388:DEBUG RUN: Found answer from 2001:4F8:0:2::19
1.392:DEBUG RUN: Got activity for 6, from 199.6.0.30
1.392:DEBUG RUN: Found answer from 199.6.0.30
1.396:DEBUG RUN: Got activity for 7, from 2001:500:71::30
1.397:DEBUG RUN: Found answer from 2001:500:71::30
1.400:DEBUG RUN: Got activity for 5, from 83.246.72.252
1.400:DEBUG RUN: Found answer from 83.246.72.252
1.569:DEBUG RUN: Got activity for 9, from 2001:500:60::30
1.569:DEBUG RUN: Found answer from 2001:500:60::30
1.673:DEBUG RUN: Got activity for 8, from 199.6.1.30
1.673:DEBUG RUN: Found answer from 199.6.1.30
1.677:SUCCESS 83.246.72.252 answered DNSKEY query with rcode NOERROR
1.677:SUCCESS 2001:500:71::30 answered DNSKEY query with rcode NOERROR
1.677:SUCCESS 2001:500:60::30 answered DNSKEY query with rcode NOERROR
1.677:SUCCESS 2001:4F8:0:2::19 answered DNSKEY query with rcode NOERROR
1.677:SUCCESS 149.20.64.3 answered DNSKEY query with rcode NOERROR
1.677:SUCCESS 93.186.33.42 answered DNSKEY query with rcode NOERROR
1.677:SUCCESS 199.6.1.30 answered DNSKEY query with rcode NOERROR
1.677:SUCCESS 2001:4B10:100:7::53 answered DNSKEY query with rcode NOERROR
1.678:SUCCESS 199.6.0.30 answered DNSKEY query with rcode NOERROR
1.678:INFO Total answers: 9
1.679:DEBUG COMPARE: Comparing results from 83.246.72.252 to 2001:500:71::30
1.679:DEBUG COMPARE: Comparing results from 83.246.72.252 to 2001:500:60::30
1.680:DEBUG COMPARE: Comparing results from 83.246.72.252 to 2001:4F8:0:2::19
1.680:DEBUG COMPARE: Comparing results from 83.246.72.252 to 149.20.64.3
1.681:DEBUG COMPARE: Comparing results from 83.246.72.252 to 93.186.33.42
1.681:DEBUG COMPARE: Comparing results from 83.246.72.252 to 199.6.1.30
1.682:DEBUG COMPARE: Comparing results from 83.246.72.252 to 2001:4B10:100:7::53
1.682:DEBUG COMPARE: Comparing results from 83.246.72.252 to 199.6.0.30
1.682:SUCCESS All DNSKEY responses are identical.
1.690:DEBUG VERIFY-DNSKEY: Checking tag=14518 flags=257 alg=RSASHA1 AwEAAail...w9T7jCEO3U=
1.690:DEBUG VERIFY-DNSKEY: Accepted key.
1.690:DEBUG VERIFY-DNSKEY: Checking tag=64476 flags=256 alg=RSASHA1 AwEAAcVl...QbW/yEAnhON
1.691:DEBUG VERIFY-DNSKEY: Ignoring key.
1.691:INFO VERIFY-DNSKEY: 2 DNSKEYs found.
1.691:INFO VERIFY-DNSKEY: 1 keys found after filtering.
1.691:DEBUG VERIFY-DNSKEY: Using keys:
1.691:DEBUG VERIFY-DNSKEY: tag=14518 flags=257 alg=RSASHA1 AwEAAail...w9T7jCEO3U=
1.691:DEBUG VERIFY-DNSKEY: To verify rrset type DNSKEY
1.695:SUCCESS DNSKEY signatures validated.
1.696:SUCCESS VALIDATED_SEP_KEY: andrews.wattle.id.au. 3600 IN DNSKEY 257 3 RSASHA1 ( AwEAAailzXCUvRIfjCiZ548gPx+y+/W5Nab2TOMdsQweYFfJw00XRdIGH2OW6S+rLVqlx5Di0fyS44MR/vHizHCp+9MtzSKiJvly6EOYo9ckAmtYrwpdQhERAzkAF35EsF0JJzn6xZThIPYsyw+17gc+lf75GQ0ZPiJgKigTk1/gdOlCN497tzo3Fu7T8u4ymwf49Gl3NpMAvGCNP7UK2HSiVy7+CNc7X5VkSEqvq5/ZNQHj2uTfrqeEAk1+4llo6xa+n+s23lhOzXymWMyAIGr9SZ2fqj7mYceQvAGDSO/VkmY/WrARqEbUJAqroJV8f8tVajQlS6FomY5d2w9T7jCEO3U= ) ; key_tag=14518
1.696:INFO Name servers which responded: 83.246.72.252, 2001:500:71::30, 2001:500:60::30, 2001:4F8:0:2::19, 149.20.64.3, 93.186.33.42, 199.6.1.30, 2001:4B10:100:7::53, 199.6.0.30
1.696:FINAL_SUCCESS Success.
-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: marka at isc.org