[dns-operations] So many DS records for icann.org
Yasuhiro Orange Morishita
yasuhiro at jprs.co.jp
Tue Aug 11 13:31:55 UTC 2015
Hello,
I've found so many DS records for icann.org in org zone.
It seems to be strange.
$ dig +short icann.org ds
41334 7 1 49D712CF7A8984B7545FDC7E69D7372782339B3A
18060 7 2 6BE021818B9F10ED981A03ACBF74F01E31FB15C58680AD0C4BAA464B
F37A7523
17248 7 1 88151C40E4673E7023E6AD1902A8AE055F3DDF61
41643 7 2 B8AB67D895E62087F0C5FC5A1A941C67A18E4B096F6C622AEFAE30DD
7B1EA199
17248 7 2 885CF8A6CF35FD5C619E1D48B59AFB23063BBA9FEC52FF25F99094CB
A10910A2
32134 7 2 6C321409786B95BEEE60E6D42F3713ACC3A9B5D18442091A792FBDD1
EA8E4655
41643 7 1 93358DB22E956A451EB5AE8D2EC39526CA6A87B9
18060 7 1 04CF77A76FD328458005D2B35E416F209A3420A0
41334 7 2 C299FAF7D6F9BCB310200ECF2EA216A2E83F7ACB15C8D72D79641FA8
DFACF9A9
32134 7 1 3D54D51109645E8315F59790B920323D361B065F
There are ten (five sets) DS records.
But valid DS are only two (one set), key id = 18060.
<http://dnsviz.net/d/icann.org/VcnJ3Q/dnssec/>
-- Orange
More information about the dns-operations
mailing list