Hello fellow dnsmasq users,
there is a topic on the IPFire support forums I would like to point you to:
http://forum.ipfire.org/index.php?topic=11726.0
It appears that dnsmasq cannot verify resource records of a DNSSEC-enabled domain. That domain uses RSA/SHA1-NSEC3-SHA1 for its signatures. Although there is some code in dnsmasq that is supposed to handle this, it does not verify the records correctly.
Did anyone else experience this problem? Is it a bug with dnsmasq or the authoritative name servers of that domain?
Best,
-Michael