bortzmeyer at nic.fr
Fri May 21 09:05:36 UTC 2010
On Tue, May 18, 2010 at 09:24:08AM +0200,
Stephane Bortzmeyer <bortzmeyer at nic.fr> wrote
a message of 33 lines which said:
> I strongly disagree. The problem with uspto.gov is not a DNSSEC one
> (the signatures are valid, the chain trust is OK) but a *network*
> one. A broken middlebox prevents large responses to come in.
It is "fixed" now (they've reduced the number of DNSKEYs, thus coming
under 1500 bytes, but I don't know if the underlying network problem
This morning, doc.gov is broken (yes, the thing that controls the DNS
root). This time, it is a purely DNSSEC issue.
More information about the dns-operations