[dns-operations] DNSSEC misconfiguration

Carlos Vicente cvicente at network-services.uoregon.edu
Fri Jul 30 15:31:52 UTC 2010


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


> I do hope that as GOV evaluates new mandates and best practices, they
> include provisions for eating your own dog food.  Requiring .GOVs to run
> validation on their recursors and validate their own zones would have
> gone a long way to reducing these sorts of problems.  Or, at least it
> would have spread the pain.
> 
> michael

I agree.

On a related note, some time ago it was disappointing to hear the
EDUCAUSE folks suggest in a webinar that .edu's should sign first and
then "when everybody has signed their zones", enable validation.

cv
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.14 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iD8DBQFMUvBoDADXcoYj2ZwRAmoFAJ4qWRJT2VRe3Pq0lla8YSmnWPLfuwCePt2t
xH0vz3G9Qx24CXhk93DXPfU=
=kEkr
-----END PGP SIGNATURE-----



More information about the dns-operations mailing list