icann.org

Updated: 2021-10-04 17:38:30 UTC (956 days ago) Go to most recent »

DNSSEC options (hide)

|?| RR types:
|?| DNSSEC algorithms:
|?| DS digest algorithms:
|?| Denial of existence:
|?| Redundant edges:
|?| Trust anchors:
- Root zone KSK
|?| Additional trusted keys:

Notices

DNSSEC Authentication Chain

RRset status

Secure (7)

icann.org/A
icann.org/AAAA
icann.org/MX
icann.org/NS
icann.org/NSEC3PARAM
icann.org/SOA
icann.org/TXT

DNSKEY/DS/NSEC status

Secure (14)

./DNSKEY (alg 8, id 14748)
./DNSKEY (alg 8, id 20326)
./DNSKEY (alg 8, id 26838)
icann.org/DNSKEY (alg 7, id 18060)
icann.org/DNSKEY (alg 7, id 23584)
icann.org/DNSKEY (alg 7, id 30473)
icann.org/DNSKEY (alg 7, id 48458)
icann.org/DS (alg 7, id 17248)
icann.org/DS (alg 7, id 18060)
icann.org/DS (alg 7, id 23584)
org/DNSKEY (alg 8, id 26974)
org/DNSKEY (alg 8, id 39681)
org/DNSKEY (alg 8, id 6555)
org/DS (alg 8, id 26974)

Non_existent (1)

icann.org/DNSKEY (alg 7, id 17248)

Delegation status

Secure (2)

. to org
org to icann.org

Notices

Errors (1)

org zone: The server(s) were not responsive to queries over UDP. (2001:500:c::1)

Warnings (20)

./DNSKEY (alg 8, id 14748): The server appears to support DNS cookies but did not return a COOKIE option. (2001:7fd::1, UDP_-_EDNS0_4096_D_KN)
./DNSKEY (alg 8, id 20326): The server appears to support DNS cookies but did not return a COOKIE option. (2001:7fd::1, UDP_-_EDNS0_4096_D_KN)
./DNSKEY (alg 8, id 26838): The server appears to support DNS cookies but did not return a COOKIE option. (2001:7fd::1, UDP_-_EDNS0_4096_D_KN)
RRSIG icann.org/A alg 7, id 30473: DNSSEC specification recommends not signing with DNSSEC algorithm 7 (RSASHA1NSEC3SHA1).
RRSIG icann.org/AAAA alg 7, id 30473: DNSSEC specification recommends not signing with DNSSEC algorithm 7 (RSASHA1NSEC3SHA1).
RRSIG icann.org/DNSKEY alg 7, id 18060: DNSSEC specification recommends not signing with DNSSEC algorithm 7 (RSASHA1NSEC3SHA1).
RRSIG icann.org/DNSKEY alg 7, id 18060: DNSSEC specification recommends not signing with DNSSEC algorithm 7 (RSASHA1NSEC3SHA1).
RRSIG icann.org/DNSKEY alg 7, id 18060: DNSSEC specification recommends not signing with DNSSEC algorithm 7 (RSASHA1NSEC3SHA1).
RRSIG icann.org/DNSKEY alg 7, id 18060: DNSSEC specification recommends not signing with DNSSEC algorithm 7 (RSASHA1NSEC3SHA1).
RRSIG icann.org/DNSKEY alg 7, id 23584: DNSSEC specification recommends not signing with DNSSEC algorithm 7 (RSASHA1NSEC3SHA1).
RRSIG icann.org/DNSKEY alg 7, id 23584: DNSSEC specification recommends not signing with DNSSEC algorithm 7 (RSASHA1NSEC3SHA1).
RRSIG icann.org/DNSKEY alg 7, id 23584: DNSSEC specification recommends not signing with DNSSEC algorithm 7 (RSASHA1NSEC3SHA1).
RRSIG icann.org/DNSKEY alg 7, id 23584: DNSSEC specification recommends not signing with DNSSEC algorithm 7 (RSASHA1NSEC3SHA1).
RRSIG icann.org/MX alg 7, id 30473: DNSSEC specification recommends not signing with DNSSEC algorithm 7 (RSASHA1NSEC3SHA1).
RRSIG icann.org/NS alg 7, id 30473: DNSSEC specification recommends not signing with DNSSEC algorithm 7 (RSASHA1NSEC3SHA1).
RRSIG icann.org/NSEC3PARAM alg 7, id 30473: DNSSEC specification recommends not signing with DNSSEC algorithm 7 (RSASHA1NSEC3SHA1).
RRSIG icann.org/SOA alg 7, id 30473: DNSSEC specification recommends not signing with DNSSEC algorithm 7 (RSASHA1NSEC3SHA1).
RRSIG icann.org/TXT alg 7, id 30473: DNSSEC specification recommends not signing with DNSSEC algorithm 7 (RSASHA1NSEC3SHA1).
org/DS (alg 8, id 26974): The server appears to support DNS cookies but did not return a COOKIE option. (2001:7fd::1, UDP_-_EDNS0_4096_D_KN)
org/DS (alg 8, id 26974): The server appears to support DNS cookies but did not return a COOKIE option. (2001:7fd::1, UDP_-_EDNS0_4096_D_KN)