dlv.isc.org

Updated: 2021-05-28 11:59:57 UTC (1069 days ago) Go to most recent »

DNSSEC options (hide)

|?| RR types:
|?| DNSSEC algorithms:
|?| DS digest algorithms:
|?| Denial of existence:
|?| Redundant edges:
|?| Trust anchors:
- Root zone KSK
|?| Additional trusted keys:

Notices

DNSSEC Authentication Chain

RRset status

Secure (3)

dlv.isc.org/NS
dlv.isc.org/SOA
dlv.isc.org/TXT

DNSKEY/DS/NSEC status

Secure (13)

./DNSKEY (alg 8, id 14631)
./DNSKEY (alg 8, id 20326)
dlv.isc.org/DNSKEY (alg 5, id 19297)
dlv.isc.org/DNSKEY (alg 5, id 64263)
dlv.isc.org/DS (alg 5, id 19297)
dlv.isc.org/DS (alg 5, id 19297)
isc.org/DNSKEY (alg 13, id 27566)
isc.org/DNSKEY (alg 13, id 7250)
isc.org/DS (alg 13, id 7250)
org/DNSKEY (alg 8, id 20130)
org/DNSKEY (alg 8, id 26974)
org/DNSKEY (alg 8, id 30453)
org/DS (alg 8, id 26974)

Delegation status

Secure (3)

. to org
isc.org to dlv.isc.org
org to isc.org

Notices

Errors (2)

dlv.isc.org zone: The server(s) were not responsive to queries over UDP. (2001:502:ad09::23)
dlv.isc.org/NS: No response was received from the server over UDP (tried 12 times). (2001:502:ad09::23, UDP_-_NOEDNS_)

Warnings (12)

RRSIG dlv.isc.org/DNSKEY alg 5, id 19297: DNSSEC specification recommends not signing with DNSSEC algorithm 5 (RSASHA1).
RRSIG dlv.isc.org/DNSKEY alg 5, id 19297: DNSSEC specification recommends not signing with DNSSEC algorithm 5 (RSASHA1).
RRSIG dlv.isc.org/DNSKEY alg 5, id 64263: DNSSEC specification recommends not signing with DNSSEC algorithm 5 (RSASHA1).
RRSIG dlv.isc.org/DNSKEY alg 5, id 64263: DNSSEC specification recommends not signing with DNSSEC algorithm 5 (RSASHA1).
RRSIG dlv.isc.org/NS alg 5, id 64263: DNSSEC specification recommends not signing with DNSSEC algorithm 5 (RSASHA1).
RRSIG dlv.isc.org/SOA alg 5, id 64263: DNSSEC specification recommends not signing with DNSSEC algorithm 5 (RSASHA1).
RRSIG dlv.isc.org/TXT alg 5, id 64263: DNSSEC specification recommends not signing with DNSSEC algorithm 5 (RSASHA1).
dlv.isc.org/DS (alg 5, id 19297): DNSSEC specification prohibits signing with DS records that use digest algorithm 1 (SHA-1).
dlv.isc.org/DS (alg 5, id 19297): DNSSEC specification prohibits signing with DS records that use digest algorithm 1 (SHA-1).
dlv.isc.org/DS (alg 5, id 19297): DS records with digest type 1 (SHA-1) are ignored when DS records with digest type 2 (SHA-256) exist in the same RRset.
dlv.isc.org/DS (alg 5, id 19297): DS records with digest type 1 (SHA-1) are ignored when DS records with digest type 2 (SHA-256) exist in the same RRset.
org to isc.org: Authoritative AAAA records exist for ns3.isc.org, but there are no corresponding AAAA glue records.

DNSKEY legend

Full legend

	SEP bit set
	Revoke bit set
	Trust anchor

dlv.isc.org

RRset status

Secure (3)

DNSKEY/DS/NSEC status

Secure (13)

Delegation status

Secure (3)

Notices

Errors (2)

Warnings (12)

DNSKEY legend

See also