And for one that is always deliberately broken, for testing:
www.dnssec-failed.org
On 7/20/15, 10:13 PM, "Frank Bulk" wrote:
>Does anyone have an zone that will always remain unsigned?
>verteiltesysteme.net is going to make one, but if there was a second
>organization that could provide a zon
Come to think of it, does DNS-OARC have a set of such zones? I have a
vague memory that this may have been set up once. If not, might this be a
good idea to provide? (Alongside other test services like reply size as
described here: https://www.dns-oarc.net/oarc/services/replysizetest)
(An idle
Thanks. I found three on the Internet that are set up that way:
sigfail.verteiltesysteme.net
www.dnssec-failed.org
rhybar.cz
I'm using those in my script (randomly) for checking for that failure case.
Frank
-Original Message-
From: Livingood, Jason [mailto:jason_living...@cable.comcas
I have plans for a browser based test suite
similar to test-ipv6.com for this. I have a host, domains, IPs but
am missing time to complete the testing.
If you are interested in collaboration please contact
me off-list.
- Jared
On Tue, Jul 21, 2015 at 08:21:16AM -0500, Fr
On 07/21/2015 07:48 AM, Edward Lewis wrote:
> Come to think of it, does DNS-OARC have a set of such zones? I have a
> vague memory that this may have been set up once. If not, might this be a
> good idea to provide? (Alongside other test services like reply size as
> described here: https://www.
That sounds a nice idea.
-
I have plans for a browser based test suite
similar to test-ipv6.com for this. I have a host, domains, IPs but
am missing time to complete the testing.
If you are interested in collaboration please contact
me off-list.
- Jar
There are various signed and deliberately broken zones at SIDNLabs workbench
with an explanation of the brokenness:
https://workbench.sidnlabs.nl/
- --
Antoin Verschuren
Tweevoren 6, 5672 SB Nuenen, NL
M: +31 6 37682392
xmpp:antoinverschu...@gmail.com
Op 21 jul. 2015, om 16:04 heeft Keith M
On Tue, 21 Jul 2015 08:21:16 -0500 Frank wrote:
FB> Thanks. I found three on the Internet that are set up that way:
FB> sigfail.verteiltesysteme.net
FB> www.dnssec-failed.org
FB> rhybar.cz
FB> I'm using those in my script (randomly) for checking for that failure
FB> case.
The dnssec-tools test
Robert,
Thanks, I had not seen that list before. The NAGIOS plugin I wrote is not
meant to exhaustively test a recursive resolver, like what can be done with
the dnssec-tool.orgs records.
Frank
-Original Message-
From: Robert Story [mailto:rst...@tislabs.com]
Sent: Tuesday, July 21,
