North American Network Operators Group
Date Prev | Date Next |
Date Index |
Thread Index |
Author Index |
Historical
Re: fyi-- [dns-operations] early key rollover for dlv.isc.org
- From: Alexander Gall
- Date: Fri Sep 22 05:11:39 2006
On Thu, 21 Sep 2006 12:41:41 -0400, "Steven M. Bellovin" <smb@cs.columbia.edu> said:
> Paul, what exponent does the new key use? (I clicked on the public key
> link, but I can't decode the base64 that easily...)
Here's a fairly simple way to extract e:
$ for rdata in `dig dlv.isc.org. dnskey +short | awk '/257/ {print $4}'`; do echo $rdata | base64-decode | od -x -N4; done
0000000 0103 daa7
0000004
0000000 0301 0001
0000004
According to RFC2537 section 2, one of the KSKs of dlv.isc.org has e=3
and the other e=65537.
--
Alex
|
