isc.org

Updated: 2020-10-08 15:46:07 UTC (1510 days ago) Go to most recent »

DNSSEC options (hide)

Notices

DNSSEC Authentication Chain

./DNSKEY (alg 8, id 20326)
./DNSKEY (alg 8, id 26116)
./DNSKEY (alg 8, id 46594)
isc.org/DNSKEY (alg 13, id 27566)
isc.org/DNSKEY (alg 13, id 7250)
isc.org/DS (alg 13, id 7250)
org/DNSKEY (alg 7, id 17883)
org/DNSKEY (alg 7, id 22064)
org/DNSKEY (alg 8, id 26974)
org/DNSKEY (alg 8, id 63858)
org/DS (alg 8, id 26974)

isc.org zone: The server(s) were not responsive to queries over TCP. See RFC 1035, Sec. 4.2. (51.75.79.143)
isc.org/SOA: No response was received from the server over TCP (tried 3 times). See RFC 1035, Sec. 4.2. (51.75.79.143, TCP_-_EDNS0_4096_D)
isc.org/SOA: No response was received from the server over UDP (tried 12 times). See RFC 1035, Sec. 4.2. (51.75.79.143, UDP_-_NOEDNS_)
kij0qd6mcy.isc.org/A has errors; select the "Denial of existence" DNSSEC option to see them.

RRSIG isc.org/DS alg 7, id 22064: DNSSEC implementers are recommended against implementing signing with DNSSEC algorithm 7 (RSASHA1NSEC3SHA1). See RFC 8624, Sec. 3.1.
RRSIG org/DNSKEY alg 7, id 17883: DNSSEC implementers are recommended against implementing signing with DNSSEC algorithm 7 (RSASHA1NSEC3SHA1). See RFC 8624, Sec. 3.1.
RRSIG org/DNSKEY alg 7, id 17883: DNSSEC implementers are recommended against implementing signing with DNSSEC algorithm 7 (RSASHA1NSEC3SHA1). See RFC 8624, Sec. 3.1.
RRSIG org/DNSKEY alg 7, id 17883: DNSSEC implementers are recommended against implementing signing with DNSSEC algorithm 7 (RSASHA1NSEC3SHA1). See RFC 8624, Sec. 3.1.
RRSIG org/DNSKEY alg 7, id 17883: DNSSEC implementers are recommended against implementing signing with DNSSEC algorithm 7 (RSASHA1NSEC3SHA1). See RFC 8624, Sec. 3.1.
isc.org/DS has warnings; select the "Denial of existence" DNSSEC option to see them.