In message c008a6086493ca91d9b6707551689...@[::1], Patrick Vande Walle writes
:
Greetings,
My zone file contains a TXT record for DKIM :
sig-2010._domainkey IN TXT v=DKIM1; r=postmaster; g=*; k=rsa;
t=s; p=[deleted for shortness]
When I run: /usr/sbin/dnssec-signzone -u -3 5D2CA8 -C -g -p -o
example.net. -e +7776000 -l dlv.isc.org zone.db K*.private 21
It returns: dnssec-signzone: fatal: failed loading zone from
'zone.db': ran out of space
If I delete the g=*; tag of the TXT record
sig-2010._domainkey IN TXT v=DKIM1; r=postmaster; k=rsa; t=s;
p=[deleted for shortness]
A string in a TXT record can only be 255 characters long though there
can be multiple strings. If you try to load a string longer than 255
characters you will get the error above.
RFC 4871 DomainKeys Identified Mail (DKIM) Signatures
Strings in a TXT RR MUST be concatenated together before use with no
intervening whitespace. TXT RRs MUST be unique for a particular
selector name; that is, if there are multiple records in an RRset,
the results are undefined.
signing happens with no problem.
I am wondering if others have seen this strange behaviour of
dnssec-signzone (version 9.7.1-P2).
Thanks,
Patrick Vande Walle
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users