Re: Insecure key/policy?

From: Tanguy Ortolo <>
Date: Mon, 28 Mar 2011 17:10:04 +0200

Murray S. Kucherawy, 2011-03-28 07:39 UTC-0700:
> [please subscribe to the list so we don't have to manually approve your posts]

Sorry for that, but I do not really want to subscribe to a mailing-list
for only posting one or two messages. I would if I planned to discuss
about OpenDKIM for some time, but I do not.

> > However, I could not find what was an insecure key and an insecure DNS
> > record. Grepping the source code, I guess that this means that the key
> > or the policy DNS record is not DNSSEC'ed. If this is right, may I
> > prepare a patch against the manpage?
> Sure, send it along. You're right that they mean the key/policy record was retrieved while you're using DNSSEC (i.e., you compiled against unbound) but the data thus retrieved were not protected by DNSSEC.

Here is the patch then.

Tanguy Ortolo

Received on Mon Mar 28 2011 - 15:10:19 PST

This archive was generated by hypermail 2.3.0 : Mon Oct 29 2012 - 23:20:16 PST