veterans.gov | DNSViz

veterans.gov

Updated: 2022-05-11 12:40:51 UTC (726 days ago) Go to most recent »

DNSSEC options (hide)

|?| RR types:
|?| DNSSEC algorithms:
|?| DS digest algorithms:
|?| Denial of existence:
|?| Redundant edges:
|?| Trust anchors:
- Root zone KSK
|?| Additional trusted keys:

Notices

DNSSEC Authentication Chain

RRset status

Insecure (6)

veterans.gov/A
veterans.gov/AAAA
veterans.gov/NS
veterans.gov/NSEC3PARAM
veterans.gov/SOA
veterans.gov/TXT

Secure (1)

gov/SOA

DNSKEY/DS/NSEC status

Insecure (2)

veterans.gov/DNSKEY (alg 8, id 15337)
veterans.gov/DNSKEY (alg 8, id 59379)

Secure (6)

./DNSKEY (alg 8, id 20326)
./DNSKEY (alg 8, id 47671)
NSEC3 proving non-existence of veterans.gov/DS
gov/DNSKEY (alg 8, id 2706)
gov/DNSKEY (alg 8, id 7698)
gov/DS (alg 8, id 7698)

Delegation status

Insecure (1)

gov to veterans.gov

Secure (1)

. to gov

Notices

Warnings (1)

veterans.gov/NSEC3PARAM: No response was received from the server over UDP (tried 6 times) until the COOKIE EDNS option was removed (however, this server appeared to respond legitimately to other queries with the COOKIE EDNS option present). (2600:1401:2::a5, UDP_-_EDNS0_4096_D_KN)

DNSKEY legend

Full legend

	SEP bit set
	Revoke bit set
	Trust anchor

See also

DNSSEC Debugger by Verisign Labs.

Download: png | svg

Warning

JavaScript is required to make the graph below interactive.

DNSSEC authentication graph