DNSSEC RRSIG's not visible with dig

I use Cloudflare DNS and enabled DNSSEC. DNSSEC is active for a while but I noticed when I do a RRSIG query on mxtoolbox.com no RRSIG’s will be returned. I tried also to run commando: dig rrsig +dnssec but nothing returns. When I do the same queries on another DNSSEC enabled domain like sidn.nl I get results back.

First I thought it has to do with NSEC/NSEC3 but also on domains with NSEC3 enabled it returns RRSIG’s and DNSSEC on Cloudflare is using NSEC.

Does anyone has an explanation? I’m vert curious.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.