Hello, OpenDNSSEC 2.1.13 running on FreeBSD 13.3. Recently, dnsviz.net started reporting the lack of "Denial of existence" DNSSEC option error for all my domains: ad2h.mydomain.org/A has errors; select the "Denial of existence" DNSSEC option to see them.mydomain.org/CDNSKEY has errors; select the "Denial of existence" DNSSEC option to see them.mydomain.org/CDS has errors; select the "Denial of existence" DNSSEC option to see them.mydomain.org/AAAA has errors; select the "Denial of existence" DNSSEC option to see them.mydomain.org/CNAME has errors; select the "Denial of existence" DNSSEC option to see them. Is this due to TTL commented in my kasp.xml or I miss some other settings? <Denial> <NSEC3> <!-- <TTL>PT0S</TTL> --> <!-- <OptOut/> --> <Resalt>P100D</Resalt> <Hash> <Algorithm>1</Algorithm> <Iterations>5</Iterations> <Salt length="8"/> </Hash> </NSEC3></Denial> Thank you.
_______________________________________________ Opendnssec-user mailing list Opendnssec-user@lists.opendnssec.org https://lists.opendnssec.org/mailman/listinfo/opendnssec-user