[dnssec-deployment] some observations about .SE's DNSSEC

Crocker Steve steve at shinkuro.com
Tue Sep 25 18:13:47 EDT 2007


The question that comes quickly to mind is why?  What's the problem?

Steve

On Sep 25, 2007, at 6:02 PM, Paul Vixie wrote:

> jakob has given me permission to share this information with you,  
> and would
> welcome any questions or discussion we might have:
>
> --------
>
> From: Jakob Schlyter <jakob at rfc.se>
> Subject: Re: AD set unrequested
> Date: Tue, 25 Sep 2007 17:28:26 +0200
> To: xxx
>
> on more thing...
>
> as you may have noted, DNSSEC in .SE is in full production at  
> least  two
> large ISP:s in Sweden are doing DNSSEC validation in their  production
> systems.  it was recently discovered that none of their  customers  
> (with
> crappy broadband routers, e.g. Netgear) can reach  signed domains.  
> ouch.
>
> 	jakob
>
> --------
>
> #############################################################
> This message is sent to you because you are subscribed to
>   the mailing list <dnssec-deployment at shinkuro.com>.
> To unsubscribe, E-mail to: <dnssec-deployment-off at shinkuro.com>
> A public archive is available here: <http://mail.shinkuro.com:8100/ 
> Lists/dnssec-deployment/>
> and older material is at
> <http://mail.shinkuro.com:8100/Lists/dnssec-deployment-archive/>




More information about the Dnssec-deployment mailing list