Path: csiph.com!news.uzoreto.com!news.etla.org!nntp-feed.chiark.greenend.org.uk!ewrotcd!usenet-its.stanford.edu!usenet.stanford.edu!not-for-mail
From: Mark Andrews <marka@isc.org>
Newsgroups: comp.protocols.dns.bind
Subject: Re: dnssec-keygen getting dates wrong
Date: Mon, 31 Aug 2020 10:51:01 +1000
Lines: 63
Approved: bind-users@lists.isc.org
Message-ID: <mailman.847.1598835016.942.bind-users@lists.isc.org>
References: <f8b5eb0d-9573-4b87-7694-0c9cd363e6f4@posix.co.za> <1598814216.24772.5.camel@dotforge.ch> <9672863D-D279-4FF9-89C4-14C32EFECEAD@isc.org>
NNTP-Posting-Host: lists.isc.org
Mime-Version: 1.0 (Mac OS X Mail 11.5 \(3445.9.6\))
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
X-Trace: usenet.stanford.edu 1598835067 818 149.20.1.60 (31 Aug 2020 00:51:07 GMT)
X-Complaints-To: action@cs.stanford.edu
Cc: bind-users@lists.isc.org
To: Marcel de Riedmatten <mdr@dotforge.ch>
Return-Path: <marka@isc.org>
X-Original-To: bind-users@lists.isc.org
Delivered-To: bind-users@lists.isc.org
In-Reply-To: <1598814216.24772.5.camel@dotforge.ch>
X-Mailer: Apple Mail (2.3445.9.6)
X-BeenThere: bind-users@lists.isc.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: BIND Users Mailing List <bind-users.lists.isc.org>
List-Unsubscribe: <https://lists.isc.org/mailman/options/bind-users>, <mailto:bind-users-request@lists.isc.org?subject=unsubscribe>
List-Archive: <https://lists.isc.org/pipermail/bind-users/>
List-Post: <mailto:bind-users@lists.isc.org>
List-Help: <mailto:bind-users-request@lists.isc.org?subject=help>
List-Subscribe: <https://lists.isc.org/mailman/listinfo/bind-users>, <mailto:bind-users-request@lists.isc.org?subject=subscribe>
X-Mailman-Original-Message-ID: <9672863D-D279-4FF9-89C4-14C32EFECEAD@isc.org>
X-Mailman-Original-References: <f8b5eb0d-9573-4b87-7694-0c9cd363e6f4@posix.co.za> <1598814216.24772.5.camel@dotforge.ch>
Xref: csiph.com comp.protocols.dns.bind:16080

This is fixed in

5486.   [func]          Add 'rndc dnssec -checkds' command to tell named
                        that the DS record has been published in the =
parent.
                        [GL #1613]

Which is in the next maintenance release.

Mark

> On 31 Aug 2020, at 05:03, Marcel de Riedmatten <mdr@dotforge.ch> =
wrote:
>=20
> Le dimanche 30 ao=C3=BBt 2020 =C3=A0 12:58 +0200, Mark Elkins a =C3=A9cr=
it :
>> Running BIND.. 9.16.6 on a Gentoo machine - so BIND is kept very much
>> up to date.
>> dnssec-keygen - Version: 9.16.6
>>=20
>> I create DNSSEC Keys in a manual process and in order to see when a
>> Key was created (so I can rotate them - etc..) I look at the Creation
>> date inside the 'key' file....
>> # dnssec-keygen -a RSASHA256 fubar.com
>> # cat Kfubar.com.+008+21010.key=20
>> ; This is a zone-signing key, keyid 21010, for fubar.com.
>> ; Created: 20200830105653 (Sun Aug 30 12:56:53 202)
>> ; Publish: 20200830105653 (Sun Aug 30 12:56:53 202)
>> ; Activate: 20200830105653 (Sun Aug 30 12:56:53 202)
>>=20
>> Can anyone spot an issue? Look carefully at the creation date, the
>> year in particular!
>=20
>=20
> Hi
>=20
> it looks like a pretty printing issue.
>=20
> # dnssec-settime -p all Kfubar.com.+008+21010.key
>=20
> should give you the correct timestamp.
>=20
> --=20
> Marcel de Riedmatten
>=20
> _______________________________________________
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to =
unsubscribe from this list
>=20
> ISC funds the development of this software with paid support =
subscriptions. Contact us at https://www.isc.org/contact/ for more =
information.
>=20
>=20
> bind-users mailing list
> bind-users@lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users

--=20
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742              INTERNET: marka@isc.org