[Dnssec-deployment] Fwd: ed.gov dnssec validation problems
cvicente.lists at gmail.com
Fri May 27 14:00:02 EDT 2011
I meant to CC this list earlier.
An addition to the note below, it struck me as interesting that a
CNAME from a signed zone pointing to an insecure zone will make the
validation fail. I suppose that ed.gov could solve that by using A
records with the hosting site's IP address instead.
Anyways, I'm hoping that more people report the problem so that they
fix it quickly.
---------- Forwarded message ----------
From: Carlos Vicente <cvicente.lists at gmail.com>
Date: Fri, May 27, 2011 at 9:51 AM
Subject: ed.gov dnssec validation problems
To: dns-operations at lists.dns-oarc.net
I've received complains from users on our campus having trouble
resolving the following:
A quick look at our dnssec logs shows problems with validation, and also:
However, when trying to get the contact information for the domain, I'm seeing
;; ANSWER SECTION:
ed.gov. 2958 IN SOA eduptcdnsp01.ed.gov.
10800 3600 604800 3600
But a whois lookup of bcn.com shows:
Nombre de dominio: BCN.COM
B C N, S.L.
B C N, S.L. (dnsadmin at ibercom.com)
So, I'm not sure who to contact. Any suggestions?
More information about the Dnssec-deployment