CAA record

Huber_Peter · July 29, 2019, 9:05am

We are using nsd 4.2.1-2 and ldsn 1.6

The following entry in a zone file leads to an error, when I try to sign the zone file:

uni-wh.de. CAA 0 issue “pki.dfn.de”

If I change the entry to this one, everything is working:

uni-wh.de. IN TYPE257 # 17 00056973737565706B692E64666E2E6465

The error message:

Zone not read, error: Syntax error, could not parse the RR’s rdata at uni-wh.de.zone line 25

I am using the ldns-signzone to sign the zone.

ldns-signzone –vV zone signer version 1.6.16 (ldns version 1.6.16)

Is this version not able to sign a zone file with a CAA record, only with a Type257 record?

Kid regards

Peter

Wouter · July 29, 2019, 9:17am

Hi Peter,

We are using nsd 4.2.1-2 and ldsn 1.6

The following entry in a zone file leads to an error, when I try to sign
the zone file:

uni-wh.de. CAA 0 issue "pki.dfn.de"

This record works fine when I try to read it into the nsd here. But it
is rewritten again when ldns-signzone creates the signed zone file.
What does the record look like in the uni-wh.de.zone.signed file?

What does the record look like in the signed file when you input the
TYPE257 entry? It makes a difference, you noted.

Best regards, Wouter