Please add a check for DNSSEC [pass/fail]

ssllabs / ssllabs-scan

A command-line reference-implementation client for SSL Labs APIs, designed for automated and/or bulk testing.

https://www.ssllabs.com/projects/ssllabs-apis/

Apache License 2.0

1.69k stars 240 forks source link

Please add a check for DNSSEC [pass/fail] #118

Open cybershambles opened 9 years ago

cybershambles commented 9 years ago

Similar to the dig command test@test-VirtualBox ~ $ dig +sigchase +short +trusted-key=./root.keys www.asio.gov.au. A |grep validation ;; RRSIG is missing for continue validation: FAILED

test@test-VirtualBox ~ $ dig +sigchase +trusted-key=./root.keys www.eurid.eu. A |grep validation ;; Ok this DNSKEY is a Trusted Key, DNSSEC validation is ok: SUCCESS <

LordMike commented 9 years ago

Added to that: TLSA