[dns-operations] Outdated RIPE NCC Trust Anchors in Fedora Linux Repositories
randy at psg.com
Fri Feb 5 17:46:22 UTC 2010
> We have discovered that recent versions of the Fedora Linux distribution
> are shipping with a package called "dnssec-conf", which contains the
> RIPE NCC's DNSSEC trust anchors. This package is installed by default as
> a dependency of BIND, and it configures BIND to do DNSSEC validation.
> Unfortunately, the current version of this package (1.21) is outdated
> and contains old trust anchors.
what a great lesson
More information about the dns-operations