Thanks to visit codestin.com
Credit goes to github.com

Skip to content

ttelford/dnssec-scripts

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

3 Commits
LICENSE
LICENSE
 
 
README
README
 
 
verify-dnssec-keys.sh
verify-dnssec-keys.sh
 
 

Repository files navigation

This is a simple script to simplify a basic amount of verification for the
DNSSEC root keys.

It requires:
	* wget
	* gpg
	* dig
	* dnssec-dsfromkey

This script does the following:
	* Downloads (using https) the following:
		* root-anchors.xml file from IANA.
		* The (detached) GPG signature for root-anchors.xml
	* Imports the icann PGP keychain (DNSSEC Manager <[email protected]>)
	* Verifies the GPG signature of root-anchors.xml
	
	* Obtains the GPG key via DNS using dig
	* Compares the key obtained via DNS with the key obtained with https.
	* Prints the results

At this time, there is no checking to see if the various tools actually exist;
therefore, it can easily fail to run properly.

This script has been tested on Linux

About

Scripts useful to verifying dnssec

Resources

Readme

License

BSD-2-Clause license
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages