Breaking trusted chain in dnssec
Georg Kahest
georg.kahest at internet.ee
Wed Jul 13 12:54:56 UTC 2016
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
On 07/13/2016 03:16 PM, Mark Andrews wrote:
>
> In message
> <CANYqYkPaK6R6aGuQRt1d0Scqq0aUznNtmwPpPjs=B-RkWaWc5w at mail.gmail.com>,
> rams writes:
>>
>> Greetings...! Is any one explain how to break trusted chain in
>> dnssec with example how to create zone or data with trusted chain
>> break.
>>
>> Thanks & Regards, ramesh
>
> You have a delegation without a DS record.
>
Or have a DS record without actual dnskey/rrsig records in the
delegated zone.
- --
Georg Kahest
System Administrator / Süsteemiadministraator
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQIcBAEBCAAGBQJXhjogAAoJEFDOdES6xIFjtzUP/3akK6kXLmtWsdzN+nPGjnbU
ZFhkM6JVR8V6WfVpsbnEDCpz3yA54G0V1CiRw4Pg8kNnadpaLvgS1joPlEHEfTeO
kNgM50nvxQZthFnF/gyoZFtv6AeIKvGpbtJgSGLUrxJMSEALF8X369cb/bH10z2Z
GvDgLxhIHUR+loq5e+meCekY9oQ4Bz52bH7bxPee0eBl3GCVvcyRJQc9aeLLQUkJ
u7MADjmbYO+K0VgG6QfqDOROoWuT9WegEREK1EEPYNIF5M2ExVa7UNOtbcbwMsUk
E70U8cs1H96B+QtAsMxbQWS43pzsBb9grXGGLxrs+xLGQg3tDQPMjZqWwgRXZIdX
9eJvqPsOKNyoNqlUVG8rgpQ13Fdia5B/n3i8+7kjwEV+QCovgO1/r5QZLw0moMyc
8eXtLW5D74TxHm1qNSD8koY4sa2SI0qABxBBQZEG+cyUEnDj+iYLQUz6NtnNIlIo
wHhStRNavL8AYrdGJa+rJvO1r1CAbRH9nUt3GnFNn3aPfOQxAd0dBEbtBhNMkqwR
AZiVzAE2PKSnHTuDnfViAPyQkoEFo6+8uL7iiXkdKvYlrkXGE99vIpPiZaZVH6TH
2X/chkLDKZ96jYOe/fdlsi2LDGyb/oui33lUR57T/TZ4S+n2ihihsRB1Wqev9Nz5
5QalqbX77kpEaCdZWkb2
=28f9
-----END PGP SIGNATURE-----
More information about the bind-users
mailing list