StinPrizacoop/tlsa_checker
4
0
Fork 0
Code Issues 2 Pull requests Projects Releases Packages Wiki Activity Actions

check DS records, stop processing when not found. #1

New issue
Open
opened 2025-11-25 12:57:23 +02:00 by dimitris · 0 comments
dimitris commented 2025-11-25 12:57:23 +02:00
Owner
Copy link

if DNSSEC is not enabled for a domain, processing could stop at start (right at/after "Checking domain example.com").
even if TLSA records are present, they can't be trusted without DNSSEC enabled.

eg. dig DS stinpriza.eu has DS record(s), so DNSSEC is enabled and TLSA records can be checked.

if DNSSEC is not enabled for a domain, processing could stop at start (right at/after "Checking domain example.com"). even if TLSA records are present, they can't be trusted without DNSSEC enabled. eg. `dig DS stinpriza.eu` has DS record(s), so DNSSEC is enabled and TLSA records can be checked.
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
master
No results found.
Labels
Clear labels
No items
No labels
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
StinPrizacoop/tlsa_checker#1
No description provided.