ioss.gov
Updated:
2021-04-30 20:01:30 UTC (1090 days ago)
Go to most recent »
Notices
DNSSEC Authentication Chain
RRset status
Bogus (2)
- ioss.gov/NS
- ioss.gov/SOA
DNSKEY/DS/NSEC status
Bogus (4)
- ioss.gov/DNSKEY (alg 8, id 12559)
- ioss.gov/DNSKEY (alg 8, id 20417)
- ioss.gov/DNSKEY (alg 8, id 29152)
- ioss.gov/DNSKEY (alg 8, id 43755)
Secure (7)
- ./DNSKEY (alg 8, id 14631)
- ./DNSKEY (alg 8, id 20326)
- gov/DNSKEY (alg 8, id 48498)
- gov/DNSKEY (alg 8, id 7698)
- gov/DS (alg 8, id 7698)
- ioss.gov/DS (alg 8, id 18829)
- ioss.gov/DS (alg 8, id 45124)
Non_existent (2)
- ioss.gov/DNSKEY (alg 8, id 18829)
- ioss.gov/DNSKEY (alg 8, id 45124)
Delegation status
Bogus (1)
- gov to ioss.gov
Secure (1)
- . to gov
Notices
Errors (2)
- gov to ioss.gov: No valid RRSIGs made by a key corresponding to a DS RR were found covering the DNSKEY RRset, resulting in no secure entry point (SEP) into the zone. (8.44.96.33, 8.44.96.34, UDP_-_EDNS0_4096_D_KN)
- gov to ioss.gov: The DS RRset for the zone included algorithm 8 (RSASHA256), but no DS RR matched a DNSKEY with algorithm 8 that signs the zone's DNSKEY RRset. (8.44.96.33, 8.44.96.34, UDP_-_EDNS0_4096_D_KN)
Warnings (4)
- ioss.gov/DS (alg 8, id 45124): DNSSEC specification prohibits signing with DS records that use digest algorithm 1 (SHA-1).
- ioss.gov/DS (alg 8, id 45124): DNSSEC specification prohibits signing with DS records that use digest algorithm 1 (SHA-1).
- ioss.gov/DS (alg 8, id 45124): DS records with digest type 1 (SHA-1) are ignored when DS records with digest type 2 (SHA-256) exist in the same RRset.
- ioss.gov/DS (alg 8, id 45124): DS records with digest type 1 (SHA-1) are ignored when DS records with digest type 2 (SHA-256) exist in the same RRset.
JavaScript is required to make the graph below interactive.
