Package: hash-slinger
Version: 2.5-1
Severity: minor

Dear Maintainer,

tlsa fails for a domain that has DNSSEC records, unless the --insecure
argument is used.  dig output shows the 'ad' flag, so my understanding
is that the lookup really is secure and tlsa is incorrect, and there's
probably some underlying libunbound2 problem.

$ tlsa --create www.debian.org
Error: query data not secure and secure data requested, unable to continue
Unable to resolve www.debian.org.: Unsuccesful lookup or no data returned for rrtype 28.

$ dig +dnssec www.debian.org | grep flags
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 1
; EDNS: version: 0, flags: do; udp: 4096

$ tlsa --create --insecure www.debian.org
Warning: query data is not secure.
Unable to resolve www.debian.org.: Unsuccesful lookup or no data returned for rrtype 28.
Got a certificate with Subject: /OU=Domain Control Validated/OU=Gandi Standard SSL/CN=debian.org
_443._tcp.www.debian.org. IN TLSA 3 0 1 07a9ff1059c430e973b7abd8cb754627bb9c8a3031f5ea329bfc8caf4a41e5e2
Got a certificate with Subject: /OU=Domain Control Validated/OU=Gandi Standard SSL/CN=dsa.debian.org
_443._tcp.www.debian.org. IN TLSA 3 0 1 ccb2cbee8c1947b4eee4ffab090f9f3d604bc6f3dea3d9683042a6654618ac1f

-- System Information:
Debian Release: jessie/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 3.12-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages hash-slinger depends on:
ii  libpython2.7-stdlib [python-argparse]  2.7.6-5
ii  openssh-client                         1:6.4p1-2
ii  python                                 2.7.5-5
ii  python-dnspython                       1.11.1-1
ii  python-gnupg                           0.3.5-2
ii  python-ipaddr                          2.1.10-1
ii  python-m2crypto                        0.21.1-3
ii  python-unbound                         1.4.21-1

hash-slinger recommends no packages.

hash-slinger suggests no packages.

-- no debconf information

-- 
Gerald Turner                                Encrypted mail preferred!
0xEC942276FDB8716D  CA89 B27A 30FA 66C5 1B80  3858 EC94 2276 FDB8 716D
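
The flag check the report relies on, as an added example that is not part of the original report or of hash-slinger: it decodes a DNS response header the way dig prints it and tests the AD bit. The sample messages are constructed from the dig output above (header and question only) and the function names are hypothetical; how tlsa itself decides "secure" is not shown on this page.

```python
import struct

# Bits of the 16-bit DNS header flags word (RFC 1035; AD and CD per RFC 4035).
FLAG_BITS = (("qr", 0x8000), ("aa", 0x0400), ("tc", 0x0200), ("rd", 0x0100),
             ("ra", 0x0080), ("ad", 0x0020), ("cd", 0x0010))

def encode_name(name):
    """Encode a domain name as length-prefixed labels (no compression)."""
    out = b""
    for label in name.rstrip(".").split("."):
        out += bytes([len(label)]) + label.encode("ascii")
    return out + b"\x00"

def parse_response(msg):
    """Return header flags, rcode, section counts and the first question."""
    if len(msg) < 12:
        raise ValueError("truncated DNS header")
    _id, flags, qd, an, ns, ar = struct.unpack("!6H", msg[:12])
    labels, pos = [], 12
    while msg[pos]:                      # walk labels up to the root (zero) label
        length = msg[pos]
        labels.append(msg[pos + 1:pos + 1 + length].decode("ascii"))
        pos += 1 + length
    qtype, _qclass = struct.unpack("!2H", msg[pos + 1:pos + 5])
    return {"flags": [n for n, bit in FLAG_BITS if flags & bit],
            "rcode": flags & 0x000F, "counts": (qd, an, ns, ar),
            "qname": ".".join(labels) + ".", "qtype": qtype}

def resolver_claims_secure(msg):
    """True only for a NOERROR response with AD set. AD is the upstream
    resolver's assertion that it validated the answer; the client has not
    verified any signature itself by reading this bit."""
    info = parse_response(msg)
    return info["rcode"] == 0 and "ad" in info["flags"]

def build_sample(flags_word):
    """Constructed message: header counts as in the dig output, plus one
    AAAA (rrtype 28) question; the answer records are omitted."""
    header = struct.pack("!6H", 0x1234, flags_word, 1, 4, 0, 1)
    return header + encode_name("www.debian.org") + struct.pack("!2H", 28, 1)

SAMPLE_AD = build_sample(0x81A0)     # qr rd ra ad, as dig reported
SAMPLE_NO_AD = build_sample(0x8180)  # qr rd ra, same reply without AD

if __name__ == "__main__":
    for msg in (SAMPLE_AD, SAMPLE_NO_AD):
        info = parse_response(msg)
        print(info["qname"], info["qtype"], " ".join(info["flags"]),
              "secure" if resolver_claims_secure(msg) else "not secure")
```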
