[dns-operations] Comcast Begins DNSSEC Rollout
Livingood, Jason
Jason_Livingood at cable.comcast.com
Mon Oct 18 18:48:54 UTC 2010
As an FYI, we at Comcast just announced the start of our production rollout of DNSSEC (see http://blog.comcast.com/2010/10/dns-security-rollout-begins.html). So far this year, our production deployment trial has been opt-in only. Starting today, customer DNS IP addresses will start to change via DHCP lease updates – all the details are @ http://www.dnssec.comcast.net/. I'm pretty sure we're the first large ISP in the U.S. to do so, something we're very proud of. :-)
Also, we shot and have available at new DNSSEC Public Service Announcement for our customers, shot with G4 Network's "Attack of the Show" co-host, Kevin Pereira, available at http://www.youtube.com/watch?v=boyl6o7nkLQ&feature=player_embedded.
Lastly, we have deliberately broken DNSSEC for a domain so we and others can test what happens when validation breaks, which is at http://www.dnssec-failed.org.
So while we'll take a few months to very carefully migrate, here come some end users! So, um, make sure those TLD key rollovers keep working well. ;-)
Regards,
Jason Livingood
More information about the dns-operations
mailing list