www.cssz.cz
Updated:
2021-04-22 20:04:13 UTC (1191 days ago)
Go to most recent »
Notices
DNSSEC Authentication Chain
RRset status
Insecure (2)
- www.cssz.cz/A
- www.cssz.cz/AAAA
Secure (1)
- cssz.cz/SOA
DNSKEY/DS/NSEC status
Secure (9)
- ./DNSKEY (alg 8, id 14631)
- ./DNSKEY (alg 8, id 20326)
- NSEC3 proving non-existence of www.cssz.cz/DS
- cssz.cz/DNSKEY (alg 10, id 32292)
- cssz.cz/DNSKEY (alg 10, id 9068)
- cssz.cz/DS (alg 10, id 32292)
- cz/DNSKEY (alg 13, id 17014)
- cz/DNSKEY (alg 13, id 20237)
- cz/DS (alg 13, id 20237)
Delegation status
Insecure (1)
- cssz.cz to www.cssz.cz
Secure (2)
- . to cz
- cz to cssz.cz
Notices
Errors (10)
- NSEC3 proving non-existence of www.cssz.cz/DS: An iterations count of 0 must be used in NSEC3 records to alleviate computational burdens. See RFC 9276, Sec. 3.1.
- NSEC3 proving non-existence of www.cssz.cz/DS: An iterations count of 0 must be used in NSEC3 records to alleviate computational burdens. See RFC 9276, Sec. 3.1.
- www.cssz.cz/MX has errors; select the "Denial of existence" DNSSEC option to see them.
- www.cssz.cz/TXT has errors; select the "Denial of existence" DNSSEC option to see them.
- www.cssz.cz/NS has errors; select the "Denial of existence" DNSSEC option to see them.
- nid3a2u41g.www.cssz.cz/A has errors; select the "Denial of existence" DNSSEC option to see them.
- www.cssz.cz/CNAME has errors; select the "Denial of existence" DNSSEC option to see them.
- www.cssz.cz/DNSKEY has errors; select the "Denial of existence" DNSSEC option to see them.
- www.cssz.cz/DS has errors; select the "Denial of existence" DNSSEC option to see them.
- www.cssz.cz/SOA has errors; select the "Denial of existence" DNSSEC option to see them.
Warnings (10)
- NSEC3 proving non-existence of www.cssz.cz/DS: The salt value for an NSEC3 record should be empty. See RFC 9276, Sec. 3.1.
- NSEC3 proving non-existence of www.cssz.cz/DS: The salt value for an NSEC3 record should be empty. See RFC 9276, Sec. 3.1.
- RRSIG NSEC3 proving non-existence of www.cssz.cz/DS alg 10, id 9068: DNSSEC specification recommends not signing with DNSSEC algorithm 10 (RSASHA512). See RFC 8624, Sec. 3.1.
- RRSIG NSEC3 proving non-existence of www.cssz.cz/DS alg 10, id 9068: DNSSEC specification recommends not signing with DNSSEC algorithm 10 (RSASHA512). See RFC 8624, Sec. 3.1.
- RRSIG cssz.cz/DNSKEY alg 10, id 32292: DNSSEC specification recommends not signing with DNSSEC algorithm 10 (RSASHA512). See RFC 8624, Sec. 3.1.
- RRSIG cssz.cz/DNSKEY alg 10, id 32292: DNSSEC specification recommends not signing with DNSSEC algorithm 10 (RSASHA512). See RFC 8624, Sec. 3.1.
- RRSIG cssz.cz/DNSKEY alg 10, id 9068: DNSSEC specification recommends not signing with DNSSEC algorithm 10 (RSASHA512). See RFC 8624, Sec. 3.1.
- RRSIG cssz.cz/DNSKEY alg 10, id 9068: DNSSEC specification recommends not signing with DNSSEC algorithm 10 (RSASHA512). See RFC 8624, Sec. 3.1.
- RRSIG cssz.cz/SOA alg 10, id 9068: DNSSEC specification recommends not signing with DNSSEC algorithm 10 (RSASHA512). See RFC 8624, Sec. 3.1.
- www.cssz.cz/DS has warnings; select the "Denial of existence" DNSSEC option to see them.
JavaScript is required to make the graph below interactive.
