DNSSEC failure when using algo 15 #84
Comments
|
This issue should possibly be moved to the Zonemaster-LDNS issues since the verification is done by LDNS code. Could it be that we need a newer version of OpenSSL? It looks like support of Ed25519 came to OpenSSL in version 1.1.0. Is LDNS compatible with that? |
|
(@klaver, you sent an email to contact@zonemaster.net. By mistake I erased it. Please send it again.) Forget it, I found it. |
|
@matsduf the contents of that e-mail where exactly the same as this issue |
|
The specification says algo 15 should be ALGORITHM_OK which is correct so this isn't a bug in the specification. So I pushed issue down to zonemaster-engine repo. |
|
poking through my buildlog, I saw "cpanm --notest Zonemaster::LDNS" trigger a download "http://www.cpan.org/authors/id/Z/ZN/ZNMSTR/Zonemaster-LDNS-2.0.1.tar.gz" so there seem two things todo:
an other option is to use https://github.com/zonemaster/zonemaster-ldns#internal-ldns How could I specify "--no-internal-ldns" when installing "cpanm --notest Zonemaster::LDNS" ?? "cpanm --notest --no-internal-ldns Zonemaster::LDNS Zonemaster::Engine Zonemaster::CLI" |
|
When installing with Thank you for poiting version 1.7.1 of LDNS out. We discovered that there is a new version available when analyzing your issue zonemaster/zonemaster#796 yesterday. We will of course incorporate that in next version of Zonemaster. |
|
well, it is possible to use external ldns :-) the Announcement for ldns-1.7.1 happened on a mailing list only. I'll ping nlnetlabs to update the website, too ... |
|
This issue covers the same bug as in #51, but with new information on LDNS. |
|
PR #85 will resolve this issue. |
|
Resolved by #85. |
Tested with domain: ed25519.nl
https://www.zonemaster.net/result/4a6dafd847b4f337
Edit: Updated the link to make up for a change in the URL scheme at zonemaster.net. /@mattias-p
The text was updated successfully, but these errors were encountered: