[dns-wg] [dnssec-deployment] New KSK for .SE (fwd)
-
From: Brett Carr brettcarr@localhost
-
Date: Thu, 4 Jan 2007 15:33:13 +0100 (CET)
I think that this may interest some folks on this list.
--
Brett Carr RIPE Network Coordination Centre
Manager -- DNS Services Group Singel 258 Amsterdam NL
GPG Key fingerprint = F20D B2A7 C91D E370 44CF F244 B6A1 EF48 E743 F7D8
---------- Forwarded message ----------
Date: Thu, 4 Jan 2007 12:26:25 +0100
From: "[iso-8859-1] Anne-Marie Eklund-Löwinder"
<Anne-Marie.Eklund-Lowinder@localhost
To: DNSSEC deployment dnssec-deployment@localhost
Subject: [dnssec-deployment] New KSK for .SE
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
New key signing key (KSK) for .SE
As from today, 2007-01-04 .SE publish and take into use a new KSK for
signing the .SE zone file. The old key will be valid until
2008-01-01. If you have configured the old key (Key id = 17686) into
your resolver we strongly recommend you to replace it with the new
key (Key id = 6166) no later than 2007-12-31.
Following public keys are valid for .SE:
se. IN DNSKEY 257 3 5 (
AwEAAaxPMcR2x0HbQV4WeZB6oEDX+r0QM65KbhTjrW1Z
aARmPhEZZe3Y9ifgEuq7vZ/zGZUdEGNWy+JZzus0lUpt
wgjGwhUS1558Hb4JKUbbOTcM8pwXlj0EiX3oDFVmjHO4
44gLkBOUKUf/mC7HvfwYH/Be22GnClrinKJp1Og4ywzO
9WglMk7jbfW33gUKvirTHr25GL7STQUzBb5Usxt8lgny
TUHs1t3JwCY5hKZ6CqFxmAVZP20igTixin/1LcrgX/KM
EGd/buvF4qJCyduieHukuY3H4XMAcR+xia2nIUPvm/oy
WR8BW/hWdzOvnSCThlHf3xiYleDbt/o1OTQ09A0=
) ; key id = 17686
se. IN DNSKEY 257 3 5 (
AwEAAb6xRZHEf+PyF5dxEvz0BHEHbziu6iZaiNW/yjSa
ZcmrmZiRMF8FPppD+XuKSau0rgu4eBwYdpkEoMVR4FhI
8frkuPHIue2LP1ETo+2hCrdr60K1538yLvzbOhMxXt6k
njPN+OlalMmCknadaofKga5FLKOPQs2C3nw6AH4WUNGr
chmDMVBwRwfZdQXYZTXesqULmGMK7mwjQGOxerRDQWrF
v8NhNnVV31PihaYBdQ1TJjvfGS/FYZJwv/BddiELiLeU
nNWu3AOsRAshgOcDBOAPUvKJNEq6RHELFmvXOOe2d8H2
yzv02EMQik6GwUm16DrSdmX+SWfelQs+9ELFN6k=
) ; key id = 6166
The keys are also available at http://dnssec.iis.se/key.html
DNS users that haven't earlier but are going to configure their DNS
to ask for DNSSEC answers should only use the new key.
DNS users that haven't explicitly configured their DNS to ask for
DNSSEC answers this will not involve any changes at all.
We do also advice you to subscribe to the
dnssec-announce@localhost mailing list to get notified about key
rollovers and any other important changes
Questions may be addressed to dnssec-info@localhost
Anne-Marie Eklund Löwinder
Quality & Security Manager
.SE (The Internet Infrastructure Foundation)
P O Box 7399
103 91 Stockholm
Sweden
Tel: +46 8 452 35 00, direct: +46 8 452 35 17, mobile: +46 734 315
310
E-mail: anne-marie.eklund-lowinder@localhost
Web: www.iis.se
-----BEGIN PGP SIGNATURE-----
Version: PGP 8.1
iQA/AwUBRZzkYaXc8AFCsc+UEQLWwwCaAibkesPscNtzsjeWWLmrFKLcaa8AoJli
+i6VDyKfg8wqbW9lkCwynJY5
=YaRn
-----END PGP SIGNATURE-----
#############################################################
This message is sent to you because you are subscribed to
the mailing list dnssec-deployment@localhost.
To unsubscribe, E-mail to: dnssec-deployment-off@localhost
A public archive is available here: <http://mail.shinkuro.com:8100/Lists/dnssec-deployment/>
and older material is at
<http://mail.shinkuro.com:8100/Lists/dnssec-deployment-archive/>
|
you are here: RIPE -> RIPE Maillists > Archives
