forked from critical/dns-zones
Add TLSA record for www.cacert.org and secure.cacert.org.
This supports effective use of the DNSSEC/TLSA Validator browser plugin available from CZ.NIC Labs. The records have been created with https://www.huque.com/bin/gen_tlsa using these parameters: certificate usage: DANE-TA (2) trust anchor selector: full cert (0) matching type: exact match (0) certificate: https://www.cacert.org/certs/root.der git-svn-id: http://svn.cacert.org/CAcert/SystemAdministration/ns/var/opendnssec/unsigned@2570 14b1bab8-4ef6-0310-b690-991c95c89dfd
This commit is contained in:
parent
8d476903f2
commit
f773d5fa50
2 changed files with 18 additions and 4 deletions
|
@ -1,10 +1,10 @@
|
|||
; DNS master zone file for cacert.org, under RCS control
|
||||
; @(#)(CAcert) $Id: cacert.org,v 1.82 2014/06/10 13:03:07 root Exp $
|
||||
; @(#)(CAcert) $Id: cacert.org,v 1.83 2014/07/22 09:34:28 root Exp $
|
||||
|
||||
$TTL 12h ; default TTL for zone data
|
||||
|
||||
@ IN SOA ns1.cacert.org. hostmaster.cacert.org. (
|
||||
2014061001 ; Serial
|
||||
2014072102 ; Serial
|
||||
4h ; refresh time
|
||||
1h ; retry interval
|
||||
2d ; expire time
|
||||
|
@ -151,6 +151,7 @@ pgpkeys IN CNAME infrastructure.cacert.org.
|
|||
|
||||
secure IN A 213.154.225.246
|
||||
secure IN AAAA 2001:7b8:3:9c::246
|
||||
_443._tcp.secure IN TLSA 2 0 0 3082073d30820525a003020102020100300d06092a864886f70d010104050030793110300e060355040a1307526f6f74204341311e301c060355040b1315687474703a2f2f7777772e6361636572742e6f7267312230200603550403131943412043657274205369676e696e6720417574686f726974793121301f06092a864886f70d0109011612737570706f7274406361636572742e6f7267301e170d3033303333303132323934395a170d3333303332393132323934395a30793110300e060355040a1307526f6f74204341311e301c060355040b1315687474703a2f2f7777772e6361636572742e6f7267312230200603550403131943412043657274205369676e696e6720417574686f726974793121301f06092a864886f70d0109011612737570706f7274406361636572742e6f726730820222300d06092a864886f70d01010105000382020f003082020a0282020100ce22c0e2467dec3628075096f2a033408c4bf13b663f31e56b0236dbd67cf6f1888f4e7736054195f909f012cf46867360b76e7ee8c05864aecdb0ad45170c63fa670ae8d6d2bf3ee798c4f04cfae003bb355d6c21de9e20d9bacd66323772faf708f5c7cd58c98ee70e5eea3efe1ca1140a156c86845b64662a7aa94b5379f588a27bee2f0a612b8db27e4d56a513eceada929eac44411e5860650566f8c044bdcb94f7427e0bf76568985105f0f30591041d1b1782ecc857bbc36b7a88f1b072cc255b2091ec1602128f32e9171848d0c7052e023042b8259c056b3faa3aa7eb5348f7e8d2b60798dc1bc6347f7fc91c827a05582b085bf338a2ab175d66c998d79e108ba2d2dd749af7710c7260dfcd6f98339d9634763e247a92b00e951e6fe6a0453847aad741ed4ab712f6d71b838a0f2ed809b659d7aa04ffd2937d682edd8b4bab58ba2f8dea95a7a0c35489a5fbdb8b51229db2c3be11be2c91868b9678ad20d38a2f1a3fc6d051658721b11901657f451c87f57cd0414c4f299821fd331f750c0451fa1977dbd4141cee81c31df598b769069122dd0050cc8131ac12077b38da685be62bd47ec95fade8eb724cf301e54b20bf9aa657ca9100018ba1752137b5630d673e464f702067cec5d659db02e0f0d2cbcdba62b79041e8dd20e429bc642942c822dc789aff43ec981b09514b5a5ac271f1c4cb73a9e5a10b0203010001a38201ce308201ca301d0603551d0e0416041416b5321bd4c7f3e0e68ef3bdd2b03aeeb23918d13081a30603551d2304819b308198801416b5321bd4c7f3e0e68ef3bdd2b03aeeb23918d1a17da47b30793110300e060355040a1307526f6f74204341311e301c060355040b1315687474703a2f2f7777772e6361636572742e6f7267312230200603550403131943412043657274205369676e696e6720417574686f726974793121301f06092a864886f70d0109011612737570706f7274406361636572742e6f7267820100300f0603551d130101ff040530030101ff30320603551d1f042b30293027a025a023862168747470733a2f2f7777772e6361636572742e6f72672f7265766f6b652e63726c303006096086480186f84201040423162168747470733a2f2f7777772e6361636572742e6f72672f7265766f6b652e63726c303406096086480186f842010804271625687474703a2f2f7777772e6361636572742e6f72672f696e6465782e7068703f69643d3130305606096086480186f842010d04491647546f2067657420796f7572206f776e20636572746966696361746520666f7220465245452068656164206f76657220746f20687474703a2f2f7777772e6361636572742e6f7267300d06092a864886f70d0101040500038202010028c7ee9c8202ba5c8012ca350a1d816f896a99ccf2680f7fa7e18d58953ebdf206c3905aacb560f6994301a388709c9d629da487af67580d30363be6ad48d3cb740286713ee22b0368f1346240463b53ea28f4acfb6695538a4d5dfd3bd960d7ca79693bb16592a6c681825c9ccdeb4d018aa5df1155aa15ca1f37c082987061db6a7c96a38e2e543e4f21a990efdc82bfdce845ad4d9073083c9465b00499767fe2bcc26a15aa97043724d81e944e6d0e51bed6c48fca966df743dfe83065273b7bbb434363c443f7b2ec68cce1198e22fb98e17b5a3e01373b8b08b0a2f3954e1acb9bcd9ab1dbb270f02d4adbd8b0e36f45483312fffe3c322a54f7c4f78af08823c247fe647a71c0d11ea663b0077ea42fd3018fdc9f2bb6c608a90f934825fc12fd9f42dcf3c43ef657b0d7dd69d10677340a4bd2caa0ff1cc68cc916bec4cc323768735f08fb51f7495336050a95024cf2791a10f6d83a759cf31df1a20d7067861bb316f52fe5a4eb7986f93d0bc2730ba599ac6ffc67b8e52f0ba618248d7bd14835291840ac9360e1968650b47a59d88f210b9fcf8291c63bbf6bdc0791b9975623aab66c94c648063ce4ce4eaae4f62f09dc536f2efc74eb3a6399c2a6ac89bca7b244a00d8a10e36cf224cbfa9b9f70472ede148bd4b2200996a264f1241cdca1359c15b2d4bc552e7d06f59c0e55f45ad693da76ad25734cc543
|
||||
|
||||
svn IN A 213.154.225.238
|
||||
svn IN SSHFP 1 1 1128972fb54f927477a781718e2f9c114e9ca383
|
||||
|
@ -184,3 +185,4 @@ wiki IN SSHFP 2 1 04f7ab767579f004cc3ab2cc42a4ccaa24e51154
|
|||
|
||||
www IN A 213.154.225.245
|
||||
www IN AAAA 2001:7b8:3:9c::245
|
||||
_443._tcp.www IN TLSA 2 0 0 3082073d30820525a003020102020100300d06092a864886f70d010104050030793110300e060355040a1307526f6f74204341311e301c060355040b1315687474703a2f2f7777772e6361636572742e6f7267312230200603550403131943412043657274205369676e696e6720417574686f726974793121301f06092a864886f70d0109011612737570706f7274406361636572742e6f7267301e170d3033303333303132323934395a170d3333303332393132323934395a30793110300e060355040a1307526f6f74204341311e301c060355040b1315687474703a2f2f7777772e6361636572742e6f7267312230200603550403131943412043657274205369676e696e6720417574686f726974793121301f06092a864886f70d0109011612737570706f7274406361636572742e6f726730820222300d06092a864886f70d01010105000382020f003082020a0282020100ce22c0e2467dec3628075096f2a033408c4bf13b663f31e56b0236dbd67cf6f1888f4e7736054195f909f012cf46867360b76e7ee8c05864aecdb0ad45170c63fa670ae8d6d2bf3ee798c4f04cfae003bb355d6c21de9e20d9bacd66323772faf708f5c7cd58c98ee70e5eea3efe1ca1140a156c86845b64662a7aa94b5379f588a27bee2f0a612b8db27e4d56a513eceada929eac44411e5860650566f8c044bdcb94f7427e0bf76568985105f0f30591041d1b1782ecc857bbc36b7a88f1b072cc255b2091ec1602128f32e9171848d0c7052e023042b8259c056b3faa3aa7eb5348f7e8d2b60798dc1bc6347f7fc91c827a05582b085bf338a2ab175d66c998d79e108ba2d2dd749af7710c7260dfcd6f98339d9634763e247a92b00e951e6fe6a0453847aad741ed4ab712f6d71b838a0f2ed809b659d7aa04ffd2937d682edd8b4bab58ba2f8dea95a7a0c35489a5fbdb8b51229db2c3be11be2c91868b9678ad20d38a2f1a3fc6d051658721b11901657f451c87f57cd0414c4f299821fd331f750c0451fa1977dbd4141cee81c31df598b769069122dd0050cc8131ac12077b38da685be62bd47ec95fade8eb724cf301e54b20bf9aa657ca9100018ba1752137b5630d673e464f702067cec5d659db02e0f0d2cbcdba62b79041e8dd20e429bc642942c822dc789aff43ec981b09514b5a5ac271f1c4cb73a9e5a10b0203010001a38201ce308201ca301d0603551d0e0416041416b5321bd4c7f3e0e68ef3bdd2b03aeeb23918d13081a30603551d2304819b308198801416b5321bd4c7f3e0e68ef3bdd2b03aeeb23918d1a17da47b30793110300e060355040a1307526f6f74204341311e301c060355040b1315687474703a2f2f7777772e6361636572742e6f7267312230200603550403131943412043657274205369676e696e6720417574686f726974793121301f06092a864886f70d0109011612737570706f7274406361636572742e6f7267820100300f0603551d130101ff040530030101ff30320603551d1f042b30293027a025a023862168747470733a2f2f7777772e6361636572742e6f72672f7265766f6b652e63726c303006096086480186f84201040423162168747470733a2f2f7777772e6361636572742e6f72672f7265766f6b652e63726c303406096086480186f842010804271625687474703a2f2f7777772e6361636572742e6f72672f696e6465782e7068703f69643d3130305606096086480186f842010d04491647546f2067657420796f7572206f776e20636572746966696361746520666f7220465245452068656164206f76657220746f20687474703a2f2f7777772e6361636572742e6f7267300d06092a864886f70d0101040500038202010028c7ee9c8202ba5c8012ca350a1d816f896a99ccf2680f7fa7e18d58953ebdf206c3905aacb560f6994301a388709c9d629da487af67580d30363be6ad48d3cb740286713ee22b0368f1346240463b53ea28f4acfb6695538a4d5dfd3bd960d7ca79693bb16592a6c681825c9ccdeb4d018aa5df1155aa15ca1f37c082987061db6a7c96a38e2e543e4f21a990efdc82bfdce845ad4d9073083c9465b00499767fe2bcc26a15aa97043724d81e944e6d0e51bed6c48fca966df743dfe83065273b7bbb434363c443f7b2ec68cce1198e22fb98e17b5a3e01373b8b08b0a2f3954e1acb9bcd9ab1dbb270f02d4adbd8b0e36f45483312fffe3c322a54f7c4f78af08823c247fe647a71c0d11ea663b0077ea42fd3018fdc9f2bb6c608a90f934825fc12fd9f42dcf3c43ef657b0d7dd69d10677340a4bd2caa0ff1cc68cc916bec4cc323768735f08fb51f7495336050a95024cf2791a10f6d83a759cf31df1a20d7067861bb316f52fe5a4eb7986f93d0bc2730ba599ac6ffc67b8e52f0ba618248d7bd14835291840ac9360e1968650b47a59d88f210b9fcf8291c63bbf6bdc0791b9975623aab66c94c648063ce4ce4eaae4f62f09dc536f2efc74eb3a6399c2a6ac89bca7b244a00d8a10e36cf224cbfa9b9f70472ede148bd4b2200996a264f1241cdca1359c15b2d4bc552e7d06f59c0e55f45ad693da76ad25734cc543
|
||||
|
|
|
@ -1,16 +1,28 @@
|
|||
|
||||
RCS file: /var/opendnssec/unsigned/RCS/cacert.org,v
|
||||
Working file: /var/opendnssec/unsigned/cacert.org
|
||||
head: 1.82
|
||||
head: 1.83
|
||||
branch:
|
||||
locks: strict
|
||||
access list:
|
||||
symbolic names:
|
||||
keyword substitution: kv
|
||||
total revisions: 82; selected revisions: 82
|
||||
total revisions: 83; selected revisions: 83
|
||||
description:
|
||||
cacert.org - zone file for cacert.org
|
||||
----------------------------
|
||||
revision 1.83
|
||||
date: 2014/07/22 09:34:28; author: root; state: Exp; lines: +4 -2
|
||||
Add TLSA record for www.cacert.org and secure.cacert.org.
|
||||
This supports effective use of the DNSSEC/TLSA Validator browser plugin
|
||||
available from CZ.NIC Labs.
|
||||
The records have been created with https://www.huque.com/bin/gen_tlsa
|
||||
using these parameters:
|
||||
certificate usage: DANE-TA (2) trust anchor
|
||||
selector: full cert (0)
|
||||
matching type: exact match (0)
|
||||
certificate: https://www.cacert.org/certs/root.der
|
||||
----------------------------
|
||||
revision 1.82
|
||||
date: 2014/06/10 13:03:07; author: root; state: Exp; lines: +11 -2
|
||||
Add resource records for critmon.cacert.org.
|
||||
|
|
Loading…
Reference in a new issue