hyperboria.se.zone


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65

; vi: ft=bindzone:ts=8:sw=8:nowrap:noet
$ORIGIN hyperboria.se.
$TTL 2h

@       IN      SOA     ns1.kyriasis.com. hostmaster.hyperboria.se (
                                06      ; serial
                                4h      ; refresh
                                1h      ; retry
                                1w      ; expire
                                1h      ; minttl
                        )
                NS ns1.kyriasis.com.

                A       212.71.254.33
                AAAA    2a01:7e00::f03c:91ff:fe6e:f996
h               AAAA    fca1:fabb:7792:f28d:4623:139:10af:549

www             CNAME   hyperboria.se.

;;; DNSSEC

; bind 9.9 and later supports "live signing" where the nameserver automatically signs the
; zone in memory. Due to this the live zone has a larger serial number than in this file

;;; DANE (TLSA) - http://tools.ietf.org/html/rfc6698
;   "TLSA" <usage> <selector> <match>
;   usage:
;     [0] match certification path & require known CA or trust anchor
;     [1] match end-entity certificate & require known CA or trust anchor
;     [2] match certification path, using given cert as trust anchor
;     [3] match end-entity certificate
;   selector:
;     [0] X.509 certificate
;     [1] public key
;   match:
;     [0] exact match
;     [1] SHA-256 hash
;     [2] SHA-512 hash

;;; Mail

;; MX
@                       MX      10      theos.kyriasis.com.
@                       MX      5       h.theos.kyriasis.com.
h                       MX      5       h.theos.kyriasis.com.

;; SPF <http://tools.ietf.org/html/rfc4408>
@                       TXT     "v=spf1 a mx ~all"
@                       SPF     "v=spf1 a mx ~all"
h                       SPF     "v=spf1 a mx ~all"
h                       TXT     "v=spf1 a mx ~all"

;;; Users

; CERT and _pka records are used by GnuPG for looking up recipient's public key.
; - See <http://www.gushi.org/make-dns-cert/HOWTO.html> for a guide.
; - See RFC 4398 § 2.2 for CERT IPGP.

; OPENPGPKEY records are similar, but have the complete key.
; - See <http://tools.ietf.org/html/draft-wouters-dane-openpgp-02>

johannes                TXT      "Johannes Löthberg <johannes@kyriasis.com>, +46739525259"
                        CERT     IPGP   0  0    ( FFE0756vZflba7FgjlD7myc6nQu1aHR0cHM6Ly90aGVvcy
                                                  5reXJpYXNpcy5jb20vfmt5cmlhcy9wZ3Ata2V5LnR4dA== )
johannes._pka           TXT      "v=pka1;fpr=5134EF9EAF65F95B6BB1608E50FB9B273A9D0BB5;uri=https://theos.kyriasis.com/~kyrias/pgp-key.txt"