Uploaded image for project: 'Support'
  1. Support
  2. SUPPORT-176

DNSKEYs that are in the unsigned zone will not be deleted

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Open
    • Priority: Minor
    • Resolution: Unresolved
    • Affects Version/s: OpenDNSSEC 2.0
    • Fix Version/s: None
    • Component/s: Signer
    • Labels:
      None

      Description

      Affects OpenDNSSEC 1.4.8.2 (is not available under versions).

      I have a zone which has "manual" DNSKEY records in the unsigned source zone (this is needed for example when transferring a zone to another operator). These DNSKEY records are dormant.

      When deleting the DNSKEY records from the source zone the signer does an AXFR of the zone but the records still remain, although they are no longer there in the source zone.

      To reproduce this:

      1) Add manual DNSKEY records to an unsigned zone
      2) Let ods-signer sign the zone
      3) Remove manual DNSKEY records from unsigned source zone
      3) let ods-signer sign the zone again

      Expected: The manual DNSKEY records are gone
      Actual: The manual DNSKEY records are still in the signed zone

        Attachments

          Issue Links

          discovered while testing

          Bug - A problem which impairs or prevents the functions of the product. SUPPORT-177 Signer does not transfer/update zone

          • Minor - Minor loss of function, or other problem where easy workaround is present.
          • Closed

            Activity

              People

              Assignee:
              yuri Yuri Schaeffer
              Reporter:
              sebastianw Sebastian Wiesinger
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Dates

                Created:
                Updated: