[Dnssec-trigger] dnssec trigger snapshot 0.8 SSL test

Matthijs Mekking matthijs at NLnetLabs.nl
Tue Nov 15 15:29:24 UTC 2011 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi Jan-Piet,

Unfortunately, Wouter is taking days off, so it is unsure if he will
read this before you will check out again.

I would recommend to let dnssec-triggerd run with verbosity level 4 or 5
(highest setting) and send the logfile to me + Wouter. Both can be
configured in the configuration file.

Best regards,
  Matthijs


On 11/15/2011 03:30 PM, Jan-Piet Mens wrote:
> Hello Wouter,
> 
>> There is a snapshot of 0.8 available.
> 
> I've just checked into a hotel and have installed this snapshot, with
> the following results:
> 
>         $ dig +short rs.dns-oarc.net txt
>         rst.x476.rs.dns-oarc.net.
>         rst.x485.x476.rs.dns-oarc.net.
>         rst.x490.x485.x476.rs.dns-oarc.net.
>         "62.253.172.149 DNS reply size limit is at least 490"
>         "62.253.172.149 lacks EDNS, defaults to 512"
>         "Tested at 2011-11-15 14:19:23 UTC"
> 
>         $ sudo /usr/sbin/dnssec-trigger-control status
>         at 2011-11-15 15:26:15
>         authority 192.58.128.30: error no RRSIGs in reply
>         cache 194.168.4.123: error no RRSIGs in reply
>         cache 194.168.8.123: error no RRSIGs in reply
>         state: nodnssec insecure
> 
>         $ cat /etc/resolv.conf
>         domain GUEST
>         search intern
>         nameserver 194.168.8.123
>         nameserver 194.168.4.123
> 
> No DNSSEC for my Mac :-(
> 
> I'll be here until early Thursday, and I'm willing to test, so just tell
> me what I should do ;-)
> 
> Regards,
> 
>         -JP
> _______________________________________________
> dnssec-trigger mailing list
> dnssec-trigger at NLnetLabs.nl
> http://open.nlnetlabs.nl/mailman/listinfo/dnssec-trigger

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQEcBAEBAgAGBQJOwoVUAAoJEA8yVCPsQCW50AQIAK3/rTbPbCXqFdThsmyBif+R
cQSDpzkkxUiUgUoui91h3TDu6I+Q56l8EW/WZuw1G3hxER1hAnv7s+l7qv87DYnZ
1H/fYwrvWoAgyL9VGxk9JwqONyc5tXgxwnQVV1gsC8EiVThERvsNuPUC2mcZD911
FaGjFy5oeCEh0uPFUgL0mDPdRacDnUPd3p4Mmm58S1zYWahNZOnJ9zFj+0a79yJ7
YkirvvHVvKcHQtPQl3gEbyWXn2oXIq/Lzbav2MnIbMLEpsYuBig7L8S3E01r0r7C
XS7hhz5netpP1hxmHN4DSenzfUFc9rZqyEP8AZpOZTHxFxK20sc8IgHHbwPW4mE=
=S7SK
-----END PGP SIGNATURE-----

More information about the dnssec-trigger mailing list