problem for validate the script dnssec to isc dlv

fakessh @ fakessh at fakessh.eu
Fri Mar 25 01:14:18 UTC 2011


http://secspider.cs.ucla.edu/fakessh-eu--dnskey.txt

this page indicate a DSA algorhtyme 
it's my old algorthyme
new is RSA
Le vendredi 25 mars 2011 à 01:25 +0100, fakessh @ a écrit :
> I did click Click ManageZones
> Click on (details)
> Click under More (more) 
> performance test
> 
> 
> 
> the total result is 
> http://pastebin.com/1bAYHj0d
> 
> i mail hostmaster of ns1.novacrea.fr 
> is a friend
> 
> Le vendredi 25 mars 2011 à 10:38 +1100, Mark Andrews a écrit :
> > In message <1301008426.12273.115.camel at localhost.localdomain>, "fakessh @" writes:
> > > it is 6 months since I used no worries dlv
> > 
> > What keys do you have recorded with dlv.isc.org?
> > Do they match what you currently have in the zone?
> > 
> > Click on ManageZones
> > Click on (details)
> > Under More click on (details)
> > 
> > Below is a check run for my personal zone with all the details.
> > You will notice that only one of the DNSKEYs (which is what I
> > submitted to the registry) is accepted.  The other, a zone signing
> > key, is filtered out.
> > 
> > Unfortunately I don't have a manger bit set on this account so I
> > can't see your zone and hence can't see the keys you have submitted.
> > 
> > Mark
> > 
> > 0.000:INFO Started: Thu Mar 24 20:36:08 +0000 2011
> > 0.000:DEBUG RUN: Sending a recursive query for andrews.wattle.id.au NS
> > 0.832:DEBUG RUN: Got response for recursive query andrews.wattle.id.au NS NOERROR
> > 0.832:DEBUG RUN: Got referral
> > 0.839:DEBUG RUN: andrews.wattle.id.au. 300 IN NS ns0.rfc1035.com.
> > 0.839:DEBUG RUN: andrews.wattle.id.au. 300 IN NS sfba.sns-pb.isc.org.
> > 0.839:DEBUG RUN: andrews.wattle.id.au. 300 IN NS ns2.araneus.fi.
> > 0.839:DEBUG RUN: andrews.wattle.id.au. 300 IN NS ord.sns-pb.isc.org.
> > 0.839:DEBUG RUN: andrews.wattle.id.au. 300 IN NS ams.sns-pb.isc.org.
> > 0.839:DEBUG RUN GET_ADDRESSES: Sending a recursive query for ns0.rfc1035.com A
> > 0.849:DEBUG RUN GET_ADDRESSES: Got response for recursive query ns0.rfc1035.com A NOERROR
> > 0.849:DEBUG RUN GET_ADDRESSES: Sending a recursive query for ns0.rfc1035.com AAAA
> > 0.854:DEBUG RUN GET_ADDRESSES: Got response for recursive query ns0.rfc1035.com AAAA NOERROR
> > 0.855:DEBUG RUN GET_ADDRESSES: Caching address for ns0.rfc1035.com => 93.186.33.42, 2001:4B10:100:7::53
> > 0.857:DEBUG RUN: Enqueued query 1 to 93.186.33.42 for andrews.wattle.id.au DNSKEY
> > 0.859:DEBUG RUN: Enqueued query 2 to 2001:4B10:100:7::53 for andrews.wattle.id.au DNSKEY
> > 0.860:DEBUG RUN GET_ADDRESSES: Sending a recursive query for sfba.sns-pb.isc.org A
> > 0.918:DEBUG RUN GET_ADDRESSES: Got response for recursive query sfba.sns-pb.isc.org A NOERROR
> > 0.918:DEBUG RUN GET_ADDRESSES: Sending a recursive query for sfba.sns-pb.isc.org AAAA
> > 1.093:DEBUG RUN GET_ADDRESSES: Got response for recursive query sfba.sns-pb.isc.org AAAA NOERROR
> > 1.094:DEBUG RUN GET_ADDRESSES: Caching address for sfba.sns-pb.isc.org => 149.20.64.3, 2001:4F8:0:2::19
> > 1.096:DEBUG RUN: Enqueued query 3 to 149.20.64.3 for andrews.wattle.id.au DNSKEY
> > 1.099:DEBUG RUN: Enqueued query 4 to 2001:4F8:0:2::19 for andrews.wattle.id.au DNSKEY
> > 1.099:DEBUG RUN GET_ADDRESSES: Sending a recursive query for ns2.araneus.fi A
> > 1.144:DEBUG RUN GET_ADDRESSES: Got response for recursive query ns2.araneus.fi A NOERROR
> > 1.144:DEBUG RUN GET_ADDRESSES: Sending a recursive query for ns2.araneus.fi AAAA
> > 1.148:DEBUG RUN GET_ADDRESSES: Got response for recursive query ns2.araneus.fi AAAA NOERROR
> > 1.148:DEBUG RUN GET_ADDRESSES: Caching address for ns2.araneus.fi => 83.246.72.252
> > 1.150:DEBUG RUN: Enqueued query 5 to 83.246.72.252 for andrews.wattle.id.au DNSKEY
> > 1.150:DEBUG RUN GET_ADDRESSES: Sending a recursive query for ord.sns-pb.isc.org A
> > 1.232:DEBUG RUN GET_ADDRESSES: Got response for recursive query ord.sns-pb.isc.org A NOERROR
> > 1.233:DEBUG RUN GET_ADDRESSES: Sending a recursive query for ord.sns-pb.isc.org AAAA
> > 1.240:DEBUG RUN GET_ADDRESSES: Got response for recursive query ord.sns-pb.isc.org AAAA NOERROR
> > 1.241:DEBUG RUN GET_ADDRESSES: Caching address for ord.sns-pb.isc.org => 199.6.0.30, 2001:500:71::30
> > 1.243:DEBUG RUN: Enqueued query 6 to 199.6.0.30 for andrews.wattle.id.au DNSKEY
> > 1.246:DEBUG RUN: Enqueued query 7 to 2001:500:71::30 for andrews.wattle.id.au DNSKEY
> > 1.246:DEBUG RUN GET_ADDRESSES: Sending a recursive query for ams.sns-pb.isc.org A
> > 1.362:DEBUG RUN GET_ADDRESSES: Got response for recursive query ams.sns-pb.isc.org A NOERROR
> > 1.363:DEBUG RUN GET_ADDRESSES: Sending a recursive query for ams.sns-pb.isc.org AAAA
> > 1.371:DEBUG RUN GET_ADDRESSES: Got response for recursive query ams.sns-pb.isc.org AAAA NOERROR
> > 1.371:DEBUG RUN GET_ADDRESSES: Caching address for ams.sns-pb.isc.org => 199.6.1.30, 2001:500:60::30
> > 1.374:DEBUG RUN: Enqueued query 8 to 199.6.1.30 for andrews.wattle.id.au DNSKEY
> > 1.376:DEBUG RUN: Enqueued query 9 to 2001:500:60::30 for andrews.wattle.id.au DNSKEY
> > 1.376:DEBUG RUN: Got activity for 2, from 2001:4B10:100:7::53
> > 1.376:DEBUG RUN: Found answer from 2001:4B10:100:7::53
> > 1.380:DEBUG RUN: Got activity for 1, from 93.186.33.42
> > 1.381:DEBUG RUN: Found answer from 93.186.33.42
> > 1.384:DEBUG RUN: Got activity for 3, from 149.20.64.3
> > 1.384:DEBUG RUN: Found answer from 149.20.64.3
> > 1.388:DEBUG RUN: Got activity for 4, from 2001:4F8:0:2::19
> > 1.388:DEBUG RUN: Found answer from 2001:4F8:0:2::19
> > 1.392:DEBUG RUN: Got activity for 6, from 199.6.0.30
> > 1.392:DEBUG RUN: Found answer from 199.6.0.30
> > 1.396:DEBUG RUN: Got activity for 7, from 2001:500:71::30
> > 1.397:DEBUG RUN: Found answer from 2001:500:71::30
> > 1.400:DEBUG RUN: Got activity for 5, from 83.246.72.252
> > 1.400:DEBUG RUN: Found answer from 83.246.72.252
> > 1.569:DEBUG RUN: Got activity for 9, from 2001:500:60::30
> > 1.569:DEBUG RUN: Found answer from 2001:500:60::30
> > 1.673:DEBUG RUN: Got activity for 8, from 199.6.1.30
> > 1.673:DEBUG RUN: Found answer from 199.6.1.30
> > 1.677:SUCCESS 83.246.72.252 answered DNSKEY query with rcode NOERROR
> > 1.677:SUCCESS 2001:500:71::30 answered DNSKEY query with rcode NOERROR
> > 1.677:SUCCESS 2001:500:60::30 answered DNSKEY query with rcode NOERROR
> > 1.677:SUCCESS 2001:4F8:0:2::19 answered DNSKEY query with rcode NOERROR
> > 1.677:SUCCESS 149.20.64.3 answered DNSKEY query with rcode NOERROR
> > 1.677:SUCCESS 93.186.33.42 answered DNSKEY query with rcode NOERROR
> > 1.677:SUCCESS 199.6.1.30 answered DNSKEY query with rcode NOERROR
> > 1.677:SUCCESS 2001:4B10:100:7::53 answered DNSKEY query with rcode NOERROR
> > 1.678:SUCCESS 199.6.0.30 answered DNSKEY query with rcode NOERROR
> > 1.678:INFO Total answers: 9
> > 1.679:DEBUG COMPARE: Comparing results from 83.246.72.252 to 2001:500:71::30
> > 1.679:DEBUG COMPARE: Comparing results from 83.246.72.252 to 2001:500:60::30
> > 1.680:DEBUG COMPARE: Comparing results from 83.246.72.252 to 2001:4F8:0:2::19
> > 1.680:DEBUG COMPARE: Comparing results from 83.246.72.252 to 149.20.64.3
> > 1.681:DEBUG COMPARE: Comparing results from 83.246.72.252 to 93.186.33.42
> > 1.681:DEBUG COMPARE: Comparing results from 83.246.72.252 to 199.6.1.30
> > 1.682:DEBUG COMPARE: Comparing results from 83.246.72.252 to 2001:4B10:100:7::53
> > 1.682:DEBUG COMPARE: Comparing results from 83.246.72.252 to 199.6.0.30
> > 1.682:SUCCESS All DNSKEY responses are identical.
> > 1.690:DEBUG VERIFY-DNSKEY: Checking tag=14518 flags=257 alg=RSASHA1 AwEAAail...w9T7jCEO3U=
> > 1.690:DEBUG VERIFY-DNSKEY: Accepted key.
> > 1.690:DEBUG VERIFY-DNSKEY: Checking tag=64476 flags=256 alg=RSASHA1 AwEAAcVl...QbW/yEAnhON
> > 1.691:DEBUG VERIFY-DNSKEY: Ignoring key.
> > 1.691:INFO VERIFY-DNSKEY: 2 DNSKEYs found.
> > 1.691:INFO VERIFY-DNSKEY: 1 keys found after filtering.
> > 1.691:DEBUG VERIFY-DNSKEY: Using keys:
> > 1.691:DEBUG VERIFY-DNSKEY: tag=14518 flags=257 alg=RSASHA1 AwEAAail...w9T7jCEO3U=
> > 1.691:DEBUG VERIFY-DNSKEY: To verify rrset type DNSKEY
> > 1.695:SUCCESS DNSKEY signatures validated.
> > 1.696:SUCCESS VALIDATED_SEP_KEY: andrews.wattle.id.au. 3600 IN DNSKEY 257 3 RSASHA1 ( AwEAAailzXCUvRIfjCiZ548gPx+y+/W5Nab2TOMdsQweYFfJw00XRdIGH2OW6S+rLVqlx5Di0fyS44MR/vHizHCp+9MtzSKiJvly6EOYo9ckAmtYrwpdQhERAzkAF35EsF0JJzn6xZThIPYsyw+17gc+lf75GQ0ZPiJgKigTk1/gdOlCN497tzo3Fu7T8u4ymwf49Gl3NpMAvGCNP7UK2HSiVy7+CNc7X5VkSEqvq5/ZNQHj2uTfrqeEAk1+4llo6xa+n+s23lhOzXymWMyAIGr9SZ2fqj7mYceQvAGDSO/VkmY/WrARqEbUJAqroJV8f8tVajQlS6FomY5d2w9T7jCEO3U= ) ; key_tag=14518
> > 1.696:INFO Name servers which responded: 83.246.72.252, 2001:500:71::30, 2001:500:60::30, 2001:4F8:0:2::19, 149.20.64.3, 93.186.33.42, 199.6.1.30, 2001:4B10:100:7::53, 199.6.0.30
> > 1.696:FINAL_SUCCESS Success.
> _______________________________________________
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
-- 
gpg --keyserver pgp.mit.edu --recv-key 092164A7
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x092164A7
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: Ceci est une partie de message num?riquement sign?e
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20110325/e97ca0d7/attachment.bin>


More information about the bind-users mailing list