How to Setup DNSSEC
Mark Andrews
marka at isc.org
Wed Oct 17 03:17:08 UTC 2012
In message <507E212E.5090904 at riseup.net>, pangj writes:
> ÓÚ 2012-10-17 10:54, Mark Andrews дµÀ:
> > There is no DS for udp53.org so there is no secure trust chain.
>
> does this mean .org has not been signed?
No. It means that there is no DS for udp53.org.
For udp53.org to validate as secure there needs to the following
set to records.
. DNSKEY
ORG DS
ORG DNSKEY
UDP53.ORG DS # Missing
UDP53.ORG DNSKEY
Mark
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: marka at isc.org
More information about the bind-users
mailing list