www.rule.com
Updated:
2020-04-08 16:01:28 UTC (5 years ago)
Update now
Notices
DNSSEC Authentication Chain
RRset status
Insecure (4)
- fe1.edge.pantheon.io/A
- fe1.edge.pantheon.io/AAAA
- live-rulecamera.pantheonsite.io/CNAME
- www.rule.com/CNAME
Secure (4)
- com/SOA
- com/SOA
- io/SOA
- io/SOA
DNSKEY/DS/NSEC status
Secure (14)
- ./DNSKEY (alg 8, id 20326)
- ./DNSKEY (alg 8, id 33853)
- ./DNSKEY (alg 8, id 48903)
- NSEC3 proving non-existence of pantheon.io/DS
- NSEC3 proving non-existence of pantheonsite.io/DS
- NSEC3 proving non-existence of rule.com/DS
- com/DNSKEY (alg 8, id 30909)
- com/DNSKEY (alg 8, id 56311)
- com/DS (alg 8, id 30909)
- io/DNSKEY (alg 8, id 303)
- io/DNSKEY (alg 8, id 42864)
- io/DNSKEY (alg 8, id 57355)
- io/DS (alg 8, id 57355)
- io/DS (alg 8, id 57355)
Delegation status
Insecure (4)
- com to rule.com
- io to pantheon.io
- io to pantheonsite.io
- pantheon.io to edge.pantheon.io
Secure (2)
- . to com
- . to io
Notices
Errors (4)
- NSEC3 proving non-existence of pantheon.io/DS: An iterations count of 0 must be used in NSEC3 records to alleviate computational burdens. See RFC 9276, Sec. 3.1.
- NSEC3 proving non-existence of pantheon.io/DS: An iterations count of 0 must be used in NSEC3 records to alleviate computational burdens. See RFC 9276, Sec. 3.1.
- NSEC3 proving non-existence of pantheonsite.io/DS: An iterations count of 0 must be used in NSEC3 records to alleviate computational burdens. See RFC 9276, Sec. 3.1.
- NSEC3 proving non-existence of pantheonsite.io/DS: An iterations count of 0 must be used in NSEC3 records to alleviate computational burdens. See RFC 9276, Sec. 3.1.
Warnings (9)
- NSEC3 proving non-existence of pantheon.io/DS: The salt value for an NSEC3 record should be empty. See RFC 9276, Sec. 3.1.
- NSEC3 proving non-existence of pantheon.io/DS: The salt value for an NSEC3 record should be empty. See RFC 9276, Sec. 3.1.
- NSEC3 proving non-existence of pantheonsite.io/DS: The salt value for an NSEC3 record should be empty. See RFC 9276, Sec. 3.1.
- NSEC3 proving non-existence of pantheonsite.io/DS: The salt value for an NSEC3 record should be empty. See RFC 9276, Sec. 3.1.
- io/DS (alg 8, id 57355): DNSSEC implementers are prohibited from implementing signing with DS algorithm 1 (SHA-1). See RFC 8624, Sec. 3.2.
- io/DS (alg 8, id 57355): DNSSEC implementers are prohibited from implementing signing with DS algorithm 1 (SHA-1). See RFC 8624, Sec. 3.2.
- io/DS (alg 8, id 57355): DS records with digest type 1 (SHA-1) are ignored when DS records with digest type 2 (SHA-256) exist in the same RRset. See RFC 4509, Sec. 3.
- io/DS (alg 8, id 57355): DS records with digest type 1 (SHA-1) are ignored when DS records with digest type 2 (SHA-256) exist in the same RRset. See RFC 4509, Sec. 3.
- pantheon.io to edge.pantheon.io: The server(s) for the parent zone (pantheon.io) responded with a referral instead of answering authoritatively for the DS RR type. See RFC 4034, Sec. 5. (205.251.192.148, 205.251.195.156, 205.251.196.72, 205.251.199.65, 2600:9000:5300:9400::1, 2600:9000:5303:9c00::1, 2600:9000:5304:4800::1, 2600:9000:5307:4100::1, UDP_-_EDNS0_4096_D_K)
JavaScript is required to make the graph below interactive.
