keys.gnupg.net
Updated:
2021-06-01 20:34:55 UTC (1299 days ago)
Update now
Notices
DNSSEC Authentication Chain
RRset status
Insecure (1)
- keys.gnupg.net/CNAME
Secure (4)
- hkps.pool.sks-keyservers.net/A (NXDOMAIN)
- net/SOA
- net/SOA
- sks-keyservers.net/SOA
DNSKEY/DS/NSEC status
Secure (10)
- ./DNSKEY (alg 8, id 14631)
- ./DNSKEY (alg 8, id 20326)
- NSEC proving non-existence of hkps.pool.sks-keyservers.net/A
- NSEC3 proving non-existence of gnupg.net/DS
- net/DNSKEY (alg 8, id 35886)
- net/DNSKEY (alg 8, id 6203)
- net/DS (alg 8, id 35886)
- sks-keyservers.net/DNSKEY (alg 8, id 30729)
- sks-keyservers.net/DNSKEY (alg 8, id 59791)
- sks-keyservers.net/DS (alg 8, id 30729)
Delegation status
Insecure (1)
- net to gnupg.net
Secure (2)
- . to net
- net to sks-keyservers.net
Notices
Errors (4)
- hkps.pool.sks-keyservers.net/A: The response had an invalid RCODE (REFUSED). See RFC 1035, Sec. 4.1.1. (23.128.97.53, 2607:7c80:53::53, UDP_-_EDNS0_4096_D_KN)
- sks-keyservers.net zone: The following NS name(s) did not resolve to address(es): ns.dan.host, ns.dan.xxx
- sks-keyservers.net zone: The server(s) responded over UDP with a malformed response or with an invalid RCODE. See RFC 1035, Sec. 4.1.1. (23.128.97.53, 2607:7c80:53::53)
- sks-keyservers.net/DNSKEY: The response had an invalid RCODE (REFUSED). See RFC 1035, Sec. 4.1.1. (23.128.97.53, 2607:7c80:53::53, UDP_-_EDNS0_4096_D_KN, UDP_-_EDNS0_512_D_KN)
Warnings (3)
- net to sks-keyservers.net: The following NS name(s) were found in the authoritative NS RRset, but not in the delegation NS RRset (i.e., in the net zone): ns-global.kjsl.com, ns.dan.host See RFC 1034, Sec. 4.2.2.
- sks-keyservers.net/DS (alg 8, id 30729): DNSSEC implementers are prohibited from implementing signing with DS algorithm 1 (SHA-1). See RFC 8624, Sec. 3.2.
- sks-keyservers.net/DS (alg 8, id 30729): DNSSEC implementers are prohibited from implementing signing with DS algorithm 1 (SHA-1). See RFC 8624, Sec. 3.2.
JavaScript is required to make the graph below interactive.
