dren.mil
Updated:
2023-03-13 21:01:27 UTC (416 days ago)
Go to most recent »
Notices
DNSSEC Authentication Chain
RRset status
Secure (4)
- dren.mil/MX
- dren.mil/NS
- dren.mil/SOA
- dren.mil/TXT
DNSKEY/DS/NSEC status
Secure (13)
- ./DNSKEY (alg 8, id 20326)
- ./DNSKEY (alg 8, id 951)
- dren.mil/DNSKEY (alg 10, id 34130)
- dren.mil/DNSKEY (alg 10, id 58377)
- dren.mil/DNSKEY (alg 8, id 1012)
- dren.mil/DNSKEY (alg 8, id 47466)
- dren.mil/DNSKEY (alg 8, id 49732)
- dren.mil/DS (alg 8, id 1012)
- dren.mil/DS (alg 8, id 1012)
- mil/DNSKEY (alg 8, id 55084)
- mil/DNSKEY (alg 8, id 62470)
- mil/DNSKEY (alg 8, id 8715)
- mil/DS (alg 8, id 62470)
Delegation status
Secure (2)
- . to mil
- mil to dren.mil
Notices
Errors (1)
- dren.mil/SOA: The DNSKEY RRset for the zone included algorithm 10 (RSASHA512), but no RRSIG with algorithm 10 covering the RRset was returned in the response. (140.32.59.226, 140.32.61.226, 140.32.131.142, 2001:480:31:ffff::53, 2001:480:a0:f003::226, 2001:480:b0:f003::226, TCP_-_EDNS0_4096_D_N, UDP_-_EDNS0_4096_D_KN, UDP_-_EDNS0_4096_D_KN_0x20)
Warnings (26)
- RRSIG dren.mil/DNSKEY alg 10, id 34130: DNSSEC specification recommends not signing with DNSSEC algorithm 10 (RSASHA512).
- RRSIG dren.mil/DNSKEY alg 10, id 34130: DNSSEC specification recommends not signing with DNSSEC algorithm 10 (RSASHA512).
- RRSIG dren.mil/DNSKEY alg 10, id 34130: DNSSEC specification recommends not signing with DNSSEC algorithm 10 (RSASHA512).
- RRSIG dren.mil/DNSKEY alg 10, id 34130: DNSSEC specification recommends not signing with DNSSEC algorithm 10 (RSASHA512).
- RRSIG dren.mil/DNSKEY alg 10, id 34130: DNSSEC specification recommends not signing with DNSSEC algorithm 10 (RSASHA512).
- RRSIG dren.mil/DNSKEY alg 10, id 58377: DNSSEC specification recommends not signing with DNSSEC algorithm 10 (RSASHA512).
- RRSIG dren.mil/DNSKEY alg 10, id 58377: DNSSEC specification recommends not signing with DNSSEC algorithm 10 (RSASHA512).
- RRSIG dren.mil/DNSKEY alg 10, id 58377: DNSSEC specification recommends not signing with DNSSEC algorithm 10 (RSASHA512).
- RRSIG dren.mil/DNSKEY alg 10, id 58377: DNSSEC specification recommends not signing with DNSSEC algorithm 10 (RSASHA512).
- RRSIG dren.mil/DNSKEY alg 10, id 58377: DNSSEC specification recommends not signing with DNSSEC algorithm 10 (RSASHA512).
- RRSIG dren.mil/MX alg 10, id 34130: DNSSEC specification recommends not signing with DNSSEC algorithm 10 (RSASHA512).
- RRSIG dren.mil/NS alg 10, id 34130: DNSSEC specification recommends not signing with DNSSEC algorithm 10 (RSASHA512).
- RRSIG dren.mil/TXT alg 10, id 34130: DNSSEC specification recommends not signing with DNSSEC algorithm 10 (RSASHA512).
- dren.mil/DNSKEY (alg 10, id 34130): No response was received until the UDP payload size was decreased, indicating that the server might be attempting to send a payload that exceeds the path maximum transmission unit (PMTU) size. (140.32.61.226, UDP_-_EDNS0_4096_D_KN)
- dren.mil/DNSKEY (alg 10, id 58377): No response was received until the UDP payload size was decreased, indicating that the server might be attempting to send a payload that exceeds the path maximum transmission unit (PMTU) size. (140.32.61.226, UDP_-_EDNS0_4096_D_KN)
- dren.mil/DNSKEY (alg 8, id 1012): No response was received until the UDP payload size was decreased, indicating that the server might be attempting to send a payload that exceeds the path maximum transmission unit (PMTU) size. (140.32.61.226, UDP_-_EDNS0_4096_D_KN)
- dren.mil/DNSKEY (alg 8, id 47466): No response was received until the UDP payload size was decreased, indicating that the server might be attempting to send a payload that exceeds the path maximum transmission unit (PMTU) size. (140.32.61.226, UDP_-_EDNS0_4096_D_KN)
- dren.mil/DNSKEY (alg 8, id 49732): No response was received until the UDP payload size was decreased, indicating that the server might be attempting to send a payload that exceeds the path maximum transmission unit (PMTU) size. (140.32.61.226, UDP_-_EDNS0_4096_D_KN)
- dren.mil/DS (alg 8, id 1012): DNSSEC specification prohibits signing with DS records that use digest algorithm 1 (SHA-1).
- dren.mil/DS (alg 8, id 1012): DNSSEC specification prohibits signing with DS records that use digest algorithm 1 (SHA-1).
- dren.mil/DS (alg 8, id 1012): DS records with digest type 1 (SHA-1) are ignored when DS records with digest type 2 (SHA-256) exist in the same RRset.
- dren.mil/DS (alg 8, id 1012): DS records with digest type 1 (SHA-1) are ignored when DS records with digest type 2 (SHA-256) exist in the same RRset.
- dren.mil/MX: No response was received until the UDP payload size was decreased, indicating that the server might be attempting to send a payload that exceeds the path maximum transmission unit (PMTU) size. (140.32.61.226, UDP_-_EDNS0_4096_D_KN)
- dren.mil/NS: No response was received until the UDP payload size was decreased, indicating that the server might be attempting to send a payload that exceeds the path maximum transmission unit (PMTU) size. (140.32.61.226, UDP_-_EDNS0_4096_D_KN)
- dren.mil/SOA: No response was received until the UDP payload size was decreased, indicating that the server might be attempting to send a payload that exceeds the path maximum transmission unit (PMTU) size. (140.32.61.226, UDP_-_EDNS0_4096_D_KN, UDP_-_EDNS0_4096_D_KN_0x20)
- dren.mil/TXT: No response was received until the UDP payload size was decreased, indicating that the server might be attempting to send a payload that exceeds the path maximum transmission unit (PMTU) size. (140.32.61.226, UDP_-_EDNS0_4096_D_KN)
JavaScript is required to make the graph below interactive.
