пре 3 година · deaef8da3a
--- a/api/desecapi/pdns.py
+++ b/api/desecapi/pdns.py
@@ -101,9 +101,7 @@ def get_keys(domain):
 
															         'flags': 'flags',  # deprecated
														
 
															         'keytype': 'keytype',  # deprecated
														
 
															     }
														
 
															-    return [{v: key[k] for k, v in field_map.items()}
														
 
															-             for key in r.json()
														
 
															-             if key['published'] and key['keytype'] in ['csk', 'ksk']]
														
 
															+    return [{v: key.get(k, []) for k, v in field_map.items()} for key in r.json() if key['published']]
														
 
															 def get_zone(domain):
														
--- a/docs/dns/domains.rst
+++ b/docs/dns/domains.rst
@@ -49,22 +49,23 @@ Field details:
 
															 ``keys``
														
 
															     :Access mode: read-only
														
 
															-    Array with DNSSEC key information.  Each entry contains ``DNSKEY`` and
														
 
															-    ``DS`` record contents (the latter being computed from the former).
														
 
															-    For delegation of DNSSEC-secured domains,
														
 
															+    Array with DNSSEC public key information.  Each entry contains ``DNSKEY``
														
 
															+    and ``DS`` record contents.  For delegation of DNSSEC-secured domains,
														
 
															     the parent domain needs to publish these ``DS`` records.  (This usually
														
 
															     involves telling your registrar/registry about those records, and they
														
 
															     will publish them for you.)
														
 
															     Notes:
														
 
															-    - Keys are returned immediately after domain creation or when retrieving a
														
 
															-      specific domain. In contrast, when listing all domains, the keys field
														
 
															-      is omitted for performance reasons.
														
 
															+    - Keys are returned immediately after domain creation, and when retrieving
														
 
															+      a specific domain.  In contrast, when listing all domains, the ``keys``
														
 
															+      field is omitted for performance reasons.
														
 
															-    - ``DS`` values are the result of hashing the ``DNSKEY`` with various
														
 
															-      algorithms.  We limit the set of hash algorithms according to best
														
 
															-      practice.  Currently, we use algorithms 2 (SHA-256) and 4 (SHA-384).
														
 
															+    - ``DS`` values are calculated for each applicable key by applying hash
														
 
															+      algorithms 2 (SHA-256) and 4 (SHA-384), respectively.
														
 
															+      For keys not suitable for delegation (indicated by the first field
														
 
															+      containing an even number, such as ``256``), the ``ds`` field is ``[]``.
														
 
															+      The selection of hash algorithms may change as best practices evolve.
														
 
															 ``minimum_ttl``
														
 
															     :Access mode: read-only