retrieve TLSA record also if it is not secured by DNSSEC
Paul Wouters
paul at nohats.ca
Wed Feb 12 18:02:18 UTC 2020
On Wed, 12 Feb 2020, Elmar Stellnberger via Unbound-users wrote:
> The tool can from now on also be downloaded from https://www.elstel.org/DANE/
> or https://www.elstel.org/atea/.
You are aware of hash-slinger's "tlsa" command to generate / verify TLSA
records? It of course insists the TLSA records are secured by DNSSEC,
but it has a --insecure option if you want to test it before your domain
is secured by DNSSEC.
Paul
More information about the Unbound-users
mailing list