retrieve TLSA record also if it is not secured by DNSSEC

Paul Wouters paul at
Wed Feb 12 18:02:18 UTC 2020

On Wed, 12 Feb 2020, Elmar Stellnberger via Unbound-users wrote:

> The tool can from now on also be downloaded from 
> or

You are aware of hash-slinger's "tlsa" command to generate / verify TLSA
records? It of course insists the TLSA records are secured by DNSSEC,
but it has a --insecure option if you want to test it before your domain
is secured by DNSSEC.


More information about the Unbound-users mailing list