registry.in

Updated: 2020-05-21 04:48:30 UTC (1647 days ago) Go to most recent »

DNSSEC options (hide)

Notices

DNSSEC Authentication Chain

./DNSKEY (alg 8, id 20326)
./DNSKEY (alg 8, id 48903)
NSEC3 proving non-existence of registry.in/DS
in/DNSKEY (alg 8, id 54739)
in/DNSKEY (alg 8, id 65169)
in/DS (alg 8, id 54739)
in/DS (alg 8, id 54739)

NSEC3 proving non-existence of registry.in/DS: An iterations count of 0 must be used in NSEC3 records to alleviate computational burdens. See RFC 9276, Sec. 3.1.
NSEC3 proving non-existence of registry.in/DS: An iterations count of 0 must be used in NSEC3 records to alleviate computational burdens. See RFC 9276, Sec. 3.1.
registry.in/DS has errors; select the "Denial of existence" DNSSEC option to see them.

NSEC3 proving non-existence of registry.in/DS: The salt value for an NSEC3 record should be empty. See RFC 9276, Sec. 3.1.
NSEC3 proving non-existence of registry.in/DS: The salt value for an NSEC3 record should be empty. See RFC 9276, Sec. 3.1.
in/DS (alg 8, id 54739): DNSSEC implementers are prohibited from implementing signing with DS algorithm 1 (SHA-1). See RFC 8624, Sec. 3.2.
in/DS (alg 8, id 54739): DNSSEC implementers are prohibited from implementing signing with DS algorithm 1 (SHA-1). See RFC 8624, Sec. 3.2.
in/DS (alg 8, id 54739): DS records with digest type 1 (SHA-1) are ignored when DS records with digest type 2 (SHA-256) exist in the same RRset. See RFC 4509, Sec. 3.
in/DS (alg 8, id 54739): DS records with digest type 1 (SHA-1) are ignored when DS records with digest type 2 (SHA-256) exist in the same RRset. See RFC 4509, Sec. 3.
registry.in/A: The response had an invalid RCODE (SERVFAIL) until EDNS was disabled (however, this server appeared to respond legitimately to other queries with EDNS enabled). See RFC 6891, Sec. 6.2.6. (156.154.64.196, UDP_-_EDNS0_4096_D_K)
registry.in/DS has warnings; select the "Denial of existence" DNSSEC option to see them.