gov.na

Updated: 2020-10-13 15:50:50 UTC (1317 days ago) Go to most recent »

DNSSEC options (hide)

|?| RR types:
|?| DNSSEC algorithms:
|?| DS digest algorithms:
|?| Denial of existence:
|?| Redundant edges:
|?| Trust anchors:
- Root zone KSK
|?| Additional trusted keys:

Notices

DNSSEC Authentication Chain

RRset status

Insecure (5)

gov.na/A
gov.na/MX
gov.na/NS
gov.na/SOA
gov.na/TXT

Secure (1)

na/SOA

DNSKEY/DS/NSEC status

Insecure (2)

gov.na/DNSKEY (alg 7, id 32438)
gov.na/DNSKEY (alg 7, id 62511)

Secure (7)

./DNSKEY (alg 8, id 20326)
./DNSKEY (alg 8, id 26116)
NSEC proving non-existence of gov.na/DS
na/DNSKEY (alg 5, id 25076)
na/DNSKEY (alg 5, id 34162)
na/DNSKEY (alg 5, id 37455)
na/DS (alg 5, id 25076)

Delegation status

Insecure (1)

na to gov.na

Secure (1)

. to na

Notices

Warnings (16)

RRSIG NSEC proving non-existence of gov.na/DS alg 5, id 37455: DNSSEC specification recommends not signing with DNSSEC algorithm 5 (RSASHA1).
RRSIG gov.na/A alg 7, id 32438: DNSSEC specification recommends not signing with DNSSEC algorithm 7 (RSASHA1NSEC3SHA1).
RRSIG gov.na/DNSKEY alg 7, id 32438: DNSSEC specification recommends not signing with DNSSEC algorithm 7 (RSASHA1NSEC3SHA1).
RRSIG gov.na/DNSKEY alg 7, id 32438: DNSSEC specification recommends not signing with DNSSEC algorithm 7 (RSASHA1NSEC3SHA1).
RRSIG gov.na/DNSKEY alg 7, id 62511: DNSSEC specification recommends not signing with DNSSEC algorithm 7 (RSASHA1NSEC3SHA1).
RRSIG gov.na/DNSKEY alg 7, id 62511: DNSSEC specification recommends not signing with DNSSEC algorithm 7 (RSASHA1NSEC3SHA1).
RRSIG gov.na/MX alg 7, id 32438: DNSSEC specification recommends not signing with DNSSEC algorithm 7 (RSASHA1NSEC3SHA1).
RRSIG gov.na/NS alg 7, id 32438: DNSSEC specification recommends not signing with DNSSEC algorithm 7 (RSASHA1NSEC3SHA1).
RRSIG gov.na/SOA alg 7, id 32438: DNSSEC specification recommends not signing with DNSSEC algorithm 7 (RSASHA1NSEC3SHA1).
RRSIG gov.na/TXT alg 7, id 32438: DNSSEC specification recommends not signing with DNSSEC algorithm 7 (RSASHA1NSEC3SHA1).
RRSIG na/DNSKEY alg 5, id 25076: DNSSEC specification recommends not signing with DNSSEC algorithm 5 (RSASHA1).
RRSIG na/DNSKEY alg 5, id 25076: DNSSEC specification recommends not signing with DNSSEC algorithm 5 (RSASHA1).
RRSIG na/DNSKEY alg 5, id 25076: DNSSEC specification recommends not signing with DNSSEC algorithm 5 (RSASHA1).
RRSIG na/SOA alg 5, id 37455: DNSSEC specification recommends not signing with DNSSEC algorithm 5 (RSASHA1).
na/DS (alg 5, id 25076): DNSSEC specification prohibits signing with DS records that use digest algorithm 1 (SHA-1).
na/DS (alg 5, id 25076): DNSSEC specification prohibits signing with DS records that use digest algorithm 1 (SHA-1).

DNSKEY legend

Full legend

	SEP bit set
	Revoke bit set
	Trust anchor

gov.na

RRset status

Insecure (5)

Secure (1)

DNSKEY/DS/NSEC status

Insecure (2)

Secure (7)

Delegation status

Insecure (1)

Secure (1)

Notices

Warnings (16)

DNSKEY legend

See also