army.mil
Updated:
2020-09-10 16:32:52 UTC (1395 days ago)
Go to most recent »
Notices
DNSSEC Authentication Chain
RRset status
Secure (5)
- army.mil/A
- army.mil/AAAA
- army.mil/NS
- army.mil/SOA
- army.mil/TXT
DNSKEY/DS/NSEC status
Secure (12)
- ./DNSKEY (alg 8, id 20326)
- ./DNSKEY (alg 8, id 46594)
- army.mil/DNSKEY (alg 8, id 30256)
- army.mil/DNSKEY (alg 8, id 49608)
- army.mil/DNSKEY (alg 8, id 61578)
- army.mil/DS (alg 8, id 30256)
- army.mil/DS (alg 8, id 30256)
- mil/DNSKEY (alg 8, id 15684)
- mil/DNSKEY (alg 8, id 4983)
- mil/DNSKEY (alg 8, id 7765)
- mil/DS (alg 8, id 7765)
- mil/DS (alg 8, id 7765)
Delegation status
Secure (2)
- . to mil
- mil to army.mil
Notices
Errors (17)
- army.mil zone: The server(s) responded over TCP with a malformed response or with an invalid RCODE. See RFC 1035, Sec. 4.1.1. (130.114.200.6)
- army.mil zone: The server(s) responded over UDP with a malformed response or with an invalid RCODE. See RFC 1035, Sec. 4.1.1. (130.114.200.6)
- army.mil/A: The response had an invalid RCODE (REFUSED). See RFC 1035, Sec. 4.1.1. (130.114.200.6, UDP_-_EDNS0_4096_D_K)
- army.mil/AAAA: The response had an invalid RCODE (REFUSED). See RFC 1035, Sec. 4.1.1. (130.114.200.6, UDP_-_EDNS0_4096_D_K)
- army.mil/DNSKEY: The response had an invalid RCODE (REFUSED). See RFC 1035, Sec. 4.1.1. (130.114.200.6, UDP_-_EDNS0_4096_D_K, UDP_-_EDNS0_512_D_K)
- army.mil/DS (alg 8, id 30256): DNSSEC specification prohibits signing with DS records that use digest algorithm 1 (SHA-1). See RFC 8624, Sec. 3.2.
- army.mil/DS (alg 8, id 30256): DNSSEC specification prohibits signing with DS records that use digest algorithm 1 (SHA-1). See RFC 8624, Sec. 3.2.
- army.mil/NS: The response had an invalid RCODE (REFUSED). See RFC 1035, Sec. 4.1.1. (130.114.200.6, UDP_-_EDNS0_4096_D_K)
- army.mil/SOA: The response had an invalid RCODE (REFUSED). See RFC 1035, Sec. 4.1.1. (130.114.200.6, TCP_-_EDNS0_4096_D)
- army.mil/SOA: The response had an invalid RCODE (REFUSED). See RFC 1035, Sec. 4.1.1. (130.114.200.6, UDP_-_EDNS0_4096_D_K, UDP_-_EDNS0_4096_D_K_0x20)
- army.mil/TXT: The response had an invalid RCODE (REFUSED). See RFC 1035, Sec. 4.1.1. (130.114.200.6, UDP_-_EDNS0_4096_D_K)
- mil/DS (alg 8, id 7765): DNSSEC specification prohibits signing with DS records that use digest algorithm 1 (SHA-1). See RFC 8624, Sec. 3.2.
- mil/DS (alg 8, id 7765): DNSSEC specification prohibits signing with DS records that use digest algorithm 1 (SHA-1). See RFC 8624, Sec. 3.2.
- army.mil/DNSKEY has errors; select the "Denial of existence" DNSSEC option to see them.
- army.mil/MX has errors; select the "Denial of existence" DNSSEC option to see them.
- gu72f1oyv6.army.mil/A has errors; select the "Denial of existence" DNSSEC option to see them.
- army.mil/CNAME has errors; select the "Denial of existence" DNSSEC option to see them.
Warnings (7)
- army.mil/DS (alg 8, id 30256): DS records with digest type 1 (SHA-1) are ignored when DS records with digest type 2 (SHA-256) exist in the same RRset. See RFC 4509, Sec. 3.
- army.mil/DS (alg 8, id 30256): DS records with digest type 1 (SHA-1) are ignored when DS records with digest type 2 (SHA-256) exist in the same RRset. See RFC 4509, Sec. 3.
- mil/DS (alg 8, id 7765): DS records with digest type 1 (SHA-1) are ignored when DS records with digest type 2 (SHA-256) exist in the same RRset. See RFC 4509, Sec. 3.
- mil/DS (alg 8, id 7765): DS records with digest type 1 (SHA-1) are ignored when DS records with digest type 2 (SHA-256) exist in the same RRset. See RFC 4509, Sec. 3.
- army.mil/MX has warnings; select the "Denial of existence" DNSSEC option to see them.
- gu72f1oyv6.army.mil/A has warnings; select the "Denial of existence" DNSSEC option to see them.
- army.mil/CNAME has warnings; select the "Denial of existence" DNSSEC option to see them.
JavaScript is required to make the graph below interactive.
