|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: fyi-- [dns-operations] early key rollover for dlv.isc.org
On Thu, 21 Sep 2006 12:41:41 -0400, "Steven M. Bellovin" <[email protected]> said: > Paul, what exponent does the new key use? (I clicked on the public key > link, but I can't decode the base64 that easily...) Here's a fairly simple way to extract e: $ for rdata in `dig dlv.isc.org. dnskey +short | awk '/257/ {print $4}'`; do echo $rdata | base64-decode | od -x -N4; done 0000000 0103 daa7 0000004 0000000 0301 0001 0000004 According to RFC2537 section 2, one of the KSKs of dlv.isc.org has e=3 and the other e=65537. -- Alex
|