keys.openpgp.org

Updated: 2020-05-29 02:33:27 UTC (1422 days ago) Go to most recent »

DNSSEC options (hide)

Notices

DNSSEC Authentication Chain

./DNSKEY (alg 8, id 20326)
./DNSKEY (alg 8, id 48903)
keys.openpgp.org/DNSKEY (alg 8, id 14555)
keys.openpgp.org/DNSKEY (alg 8, id 39969)
keys.openpgp.org/DS (alg 8, id 14555)
openpgp.org/DNSKEY (alg 8, id 26041)
openpgp.org/DNSKEY (alg 8, id 63435)
openpgp.org/DS (alg 8, id 26041)
org/DNSKEY (alg 7, id 17883)
org/DNSKEY (alg 7, id 27074)
org/DNSKEY (alg 7, id 62165)
org/DS (alg 7, id 17883)
org/DS (alg 7, id 17883)

RRSIG openpgp.org/DS alg 7, id 27074: DNSSEC specification recommends not signing with DNSSEC algorithm 7 (RSASHA1NSEC3SHA1).
RRSIG org/DNSKEY alg 7, id 17883: DNSSEC specification recommends not signing with DNSSEC algorithm 7 (RSASHA1NSEC3SHA1).
RRSIG org/DNSKEY alg 7, id 17883: DNSSEC specification recommends not signing with DNSSEC algorithm 7 (RSASHA1NSEC3SHA1).
RRSIG org/DNSKEY alg 7, id 17883: DNSSEC specification recommends not signing with DNSSEC algorithm 7 (RSASHA1NSEC3SHA1).
RRSIG org/DNSKEY alg 7, id 27074: DNSSEC specification recommends not signing with DNSSEC algorithm 7 (RSASHA1NSEC3SHA1).
RRSIG org/DNSKEY alg 7, id 27074: DNSSEC specification recommends not signing with DNSSEC algorithm 7 (RSASHA1NSEC3SHA1).
RRSIG org/DNSKEY alg 7, id 27074: DNSSEC specification recommends not signing with DNSSEC algorithm 7 (RSASHA1NSEC3SHA1).
org/DS (alg 7, id 17883): DNSSEC specification prohibits signing with DS records that use digest algorithm 1 (SHA-1).
org/DS (alg 7, id 17883): DNSSEC specification prohibits signing with DS records that use digest algorithm 1 (SHA-1).
org/DS (alg 7, id 17883): DS records with digest type 1 (SHA-1) are ignored when DS records with digest type 2 (SHA-256) exist in the same RRset.
org/DS (alg 7, id 17883): DS records with digest type 1 (SHA-1) are ignored when DS records with digest type 2 (SHA-256) exist in the same RRset.