In message <c008a6086493ca91d9b6707551689...@[::1]>, Patrick Vande Walle writes : > Greetings, > > My zone file contains a TXT record for DKIM : > > sig-2010._domainkey IN TXT "v=DKIM1; r=postmaster; g=*; k=rsa; > t=s; p=[deleted for shortness]" > > When I run: /usr/sbin/dnssec-signzone -u -3 5D2CA8 -C -g -p -o > example.net. -e +7776000 -l dlv.isc.org zone.db K*.private 2>&1" > > It returns: "dnssec-signzone: fatal: failed loading zone from > 'zone.db': ran out of space" > > If I delete the "g=*;" tag of the TXT record > > sig-2010._domainkey IN TXT "v=DKIM1; r=postmaster; k=rsa; t=s; > p=[deleted for shortness]"
A string in a TXT record can only be 255 characters long though there can be multiple strings. If you try to load a string longer than 255 characters you will get the error above. RFC 4871 DomainKeys Identified Mail (DKIM) Signatures Strings in a TXT RR MUST be concatenated together before use with no intervening whitespace. TXT RRs MUST be unique for a particular selector name; that is, if there are multiple records in an RRset, the results are undefined. > signing happens with no problem. > > I am wondering if others have seen this strange behaviour of > dnssec-signzone (version 9.7.1-P2). > > Thanks, > > Patrick Vande Walle > > _______________________________________________ > bind-users mailing list > bind-users@lists.isc.org > https://lists.isc.org/mailman/listinfo/bind-users -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org _______________________________________________ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users