ae.org

Updated: 2023-08-10 14:50:21 UTC (284 days ago) Go to most recent »

DNSSEC options (hide)

|?| RR types:
|?| DNSSEC algorithms:
|?| DS digest algorithms:
|?| Denial of existence:
|?| Redundant edges:
|?| Trust anchors:
- Root zone KSK
|?| Additional trusted keys:

Notices

DNSSEC Authentication Chain

RRset status

Secure (6)

ae.org/A
ae.org/MX
ae.org/NS
ae.org/NSEC3PARAM
ae.org/SOA
ae.org/TXT

DNSKEY/DS/NSEC status

Secure (14)

./DNSKEY (alg 8, id 11019)
./DNSKEY (alg 8, id 20326)
ae.org/DNSKEY (alg 7, id 1067)
ae.org/DNSKEY (alg 7, id 28704)
ae.org/DNSKEY (alg 7, id 40968)
ae.org/DNSKEY (alg 7, id 42725)
ae.org/DNSKEY (alg 7, id 8139)
ae.org/DS (alg 7, id 28704)
ae.org/DS (alg 7, id 28704)
ae.org/DS (alg 7, id 8139)
org/DNSKEY (alg 8, id 26974)
org/DNSKEY (alg 8, id 33825)
org/DNSKEY (alg 8, id 35418)
org/DS (alg 8, id 26974)

Delegation status

Secure (2)

. to org
org to ae.org

Notices

Warnings (25)

RRSIG ae.org/A alg 7, id 1067: DNSSEC specification recommends not signing with DNSSEC algorithm 7 (RSASHA1NSEC3SHA1).
RRSIG ae.org/DNSKEY alg 7, id 28704: DNSSEC specification recommends not signing with DNSSEC algorithm 7 (RSASHA1NSEC3SHA1).
RRSIG ae.org/DNSKEY alg 7, id 28704: DNSSEC specification recommends not signing with DNSSEC algorithm 7 (RSASHA1NSEC3SHA1).
RRSIG ae.org/DNSKEY alg 7, id 28704: DNSSEC specification recommends not signing with DNSSEC algorithm 7 (RSASHA1NSEC3SHA1).
RRSIG ae.org/DNSKEY alg 7, id 28704: DNSSEC specification recommends not signing with DNSSEC algorithm 7 (RSASHA1NSEC3SHA1).
RRSIG ae.org/DNSKEY alg 7, id 28704: DNSSEC specification recommends not signing with DNSSEC algorithm 7 (RSASHA1NSEC3SHA1).
RRSIG ae.org/MX alg 7, id 1067: DNSSEC specification recommends not signing with DNSSEC algorithm 7 (RSASHA1NSEC3SHA1).
RRSIG ae.org/NS alg 7, id 1067: DNSSEC specification recommends not signing with DNSSEC algorithm 7 (RSASHA1NSEC3SHA1).
RRSIG ae.org/NSEC3PARAM alg 7, id 1067: DNSSEC specification recommends not signing with DNSSEC algorithm 7 (RSASHA1NSEC3SHA1).
RRSIG ae.org/SOA alg 7, id 40968: DNSSEC specification recommends not signing with DNSSEC algorithm 7 (RSASHA1NSEC3SHA1).
RRSIG ae.org/TXT alg 7, id 1067: DNSSEC specification recommends not signing with DNSSEC algorithm 7 (RSASHA1NSEC3SHA1).
ae.org/A: The server appears to support DNS cookies but did not return a COOKIE option. (2001:67c:13cc::1:24, UDP_-_EDNS0_4096_D_KN)
ae.org/DNSKEY (alg 7, id 1067): The server appears to support DNS cookies but did not return a COOKIE option. (2001:67c:13cc::1:24, TCP_-_EDNS0_4096_D_KN)
ae.org/DNSKEY (alg 7, id 28704): The server appears to support DNS cookies but did not return a COOKIE option. (2001:67c:13cc::1:24, TCP_-_EDNS0_4096_D_KN)
ae.org/DNSKEY (alg 7, id 40968): The server appears to support DNS cookies but did not return a COOKIE option. (2001:67c:13cc::1:24, TCP_-_EDNS0_4096_D_KN)
ae.org/DNSKEY (alg 7, id 42725): The server appears to support DNS cookies but did not return a COOKIE option. (2001:67c:13cc::1:24, TCP_-_EDNS0_4096_D_KN)
ae.org/DNSKEY (alg 7, id 8139): The server appears to support DNS cookies but did not return a COOKIE option. (2001:67c:13cc::1:24, TCP_-_EDNS0_4096_D_KN)
ae.org/DS (alg 7, id 28704): DNSSEC specification prohibits signing with DS records that use digest algorithm 1 (SHA-1).
ae.org/DS (alg 7, id 28704): DNSSEC specification prohibits signing with DS records that use digest algorithm 1 (SHA-1).
ae.org/DS (alg 7, id 28704): DS records with digest type 1 (SHA-1) are ignored when DS records with digest type 2 (SHA-256) exist in the same RRset.
ae.org/DS (alg 7, id 28704): DS records with digest type 1 (SHA-1) are ignored when DS records with digest type 2 (SHA-256) exist in the same RRset.
ae.org/MX: The server appears to support DNS cookies but did not return a COOKIE option. (2001:67c:13cc::1:24, UDP_-_EDNS0_512_D_KN)
ae.org/NSEC3PARAM: The server appears to support DNS cookies but did not return a COOKIE option. (2001:67c:13cc::1:24, UDP_-_EDNS0_4096_D_KN)
ae.org/SOA: The server appears to support DNS cookies but did not return a COOKIE option. (2001:67c:13cc::1:24, UDP_-_EDNS0_4096_D_KN, UDP_-_EDNS0_4096_D_KN_0x20)
ae.org/TXT: The server appears to support DNS cookies but did not return a COOKIE option. (2001:67c:13cc::1:24, UDP_-_EDNS0_4096_D_KN)

DNSKEY legend

Full legend

	SEP bit set
	Revoke bit set
	Trust anchor

ae.org

RRset status

Secure (6)

DNSKEY/DS/NSEC status

Secure (14)

Delegation status

Secure (2)

Notices

Warnings (25)

DNSKEY legend

See also