To:
dnssec@cafax.se, keydist@cafax.se
From:
Michael Richardson <mcr@sandelman.ottawa.on.ca>
Date:
Tue, 12 Nov 2002 15:10:42 -0500
In-reply-to:
Your message of "Tue, 12 Nov 2002 13:31:38 EST." <3C1E3607B37295439F7C409EFBA08E6803B95848@US-Columbia-CIST.mail.saic.com>
Sender:
owner-keydist@cafax.se
Subject:
Re: workshop?
-----BEGIN PGP SIGNED MESSAGE-----
>>>>> "Loomis," == Loomis, Rip <GILBERT.R.LOOMIS@saic.com> writes:
Loomis> There was a "private" snapshot release dated 2002-10-04 that
Loomis> some folks were running at the ARIN-sponsored DNSSEC workshop
Loomis> back on 07/08 October in Chantilly VA. Those of us present
Loomis> there saw some real issues in the 20020722 snapshot which are
Loomis> fixed in the later private snapshot, and I mentioned this to
A summary of these issues would prevent others from beating our heads
against the wall, even if we can't get access to the fixes.
I would like to know if there is some debug/logging option that I'm
missing that would have named log whenever it fails to verify a signature.
I think that it ought to be a simple use of Net::DNS::Sec to take a
zone file as input and tell me if it checks out. Even better to take
an FQDN and tell me where the signatures in the hierarchy break. I haven't
had a chance to work on this.
] ON HUMILITY: to err is human. To moo, bovine. | firewalls [
] Michael Richardson, Sandelman Software Works, Ottawa, ON |net architect[
] mcr@sandelman.ottawa.on.ca http://www.sandelman.ottawa.on.ca/ |device driver[
] panic("Just another Debian GNU/Linux using, kernel hacking, security guy"); [
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)
Comment: Finger me for keys
iQCVAwUBPdFfc4qHRg3pndX9AQGl9gQAqw8HjSdJR83Tbm/UwKd/QDdrSPq/QneA
nY3xut0WlyEmXdtFwVmK6hGHVmhOUhb3aO2AkrtGFSN6KYPMXliggKx/hn7qLlHY
5P1/rUJXamZHnYHW3cDDUxsr7ldxLHpuWqesAIvARx+1RKK8vWRZKZxR6khLTql+
DcZqGLoq9/w=
=W/Se
-----END PGP SIGNATURE-----