Heiko Schlittermann <h...@schlittermann.de> (Di 14 Dez 2010 20:40:47 CET): > Peter Palfrader <wea...@debian.org> (Di 14 Dez 2010 20:31:46 CET): > > On Tue, 14 Dec 2010, Heiko Schlittermann wrote: > > > > > Peter Palfrader <wea...@debian.org> (Di 14 Dez 2010 18:42:49 CET): > > > > On Tue, 14 Dec 2010, Heiko Schlittermann wrote: > > > > > > > > > Using a current lenny with bind9 I can't validate (www|ftp).debian.org > > > > > anymore. Is anybody else experiencing this problem? > > > > > > > > > > > > > > > not working: 1:9.6.ESV.R3+dfsg-0+lenny1 > > > > > working: 1:9.6.ESV.R1+dfsg-0+lenny2 > > > > > working: 1:9.7.2.dfsg.P3-1 > > > > > > > > > > > > > > > ftp.debian.org seems to use DLV. Other domains using DLV validate. > > > > > > > > Does a normal host validate? Say for instance kassia.debian.org. > > > > > > Yes, it does. > > > > Are you on IPv6? > > What is IPv6? > No, I'm not on IPv6 and even running bind with the "-4" option.
syslog: Dec 14 21:19:36 muli3 named[32237]: validating @0xb90beb28: ftp.debian.org A: no valid signature found Dec 14 21:19:36 muli3 named[32237]: not insecure resolving 'ftp.debian.org/A/IN': 206.12.19.113#53 Dec 14 21:19:36 muli3 named[32237]: validating @0xb90beb28: ftp.debian.org A: no valid signature found Dec 14 21:19:36 muli3 named[32237]: no valid RRSIG resolving 'ftp.debian.org/A/IN': 82.195.75.105#53 Dec 14 21:19:36 muli3 named[32237]: validating @0xb90beb28: ftp.debian.org A: no valid signature found Dec 14 21:19:36 muli3 named[32237]: no valid RRSIG resolving 'ftp.debian.org/A/IN': 195.20.242.125#53 Somehow it seems to dislike to accept the DLV key? -- Heiko :: dresden : linux : SCHLITTERMANN.de GPG Key 48D0359B : 3061 CFBF 2D88 F034 E8D2 7E92 EE4E AC98 48D0 359B
signature.asc
Description: Digital signature
