[dns-operations] fbi.gov sigs expired [was:Trend/ISC DNS Changer takedown]

CHui chui at lbl.gov
Fri Nov 11 19:44:36 UTC 2011 

Would this be some cache issue?   It was just replaced today 2011-11-11
18:06:40 UTC

Cedric

mon 57 @ dig +dnssec +noall +comment +answer www.fbi.gov
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 32412
;; flags: qr rd ra; QUERY: 1, ANSWER: 5, AUTHORITY: 14, ADDITIONAL: 23
 
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags: do; udp: 4096
;; ANSWER SECTION:
www.fbi.gov.            230     IN      CNAME   www.fbi.gov.c.footprint.net.
www.fbi.gov.            230     IN      RRSIG   CNAME 7 3 300 20120209180640
20111111180640 58969 fbi.gov.
pIhOG+FKxVqNxTF6i+qJeLSaKxqgjKO5nvnIUzLk+0IuB6IRRo1FGjFg
qgghCJj73iwgeOKIOVkd9k7w34m4o+v3pU/qU3K42GOv2EV8oZgLtIil
P02D2No2+Fbe+Mo9oYMvSPhNDQwCScclT9oiUCHj4fdCySwdI7tkNBfa OS4=
www.fbi.gov.c.footprint.net. 160 IN     A       4.23.63.87
www.fbi.gov.c.footprint.net. 160 IN     A       206.33.61.87
www.fbi.gov.c.footprint.net. 160 IN     A       209.84.4.105


-----Original Message-----
From: dns-operations-bounces at mail.dns-oarc.net
[mailto:dns-operations-bounces at mail.dns-oarc.net] On Behalf Of Dobbins,
Roland
Sent: Friday, November 11, 2011 11:27 AM
To: dns-operations at mail.dns-oarc.net
Subject: Re: [dns-operations] fbi.gov sigs expired [was:Trend/ISC DNS
Changer takedown]


On Nov 12, 2011, at 1:01 AM, Chris Thompson wrote:

> Well, no. It seems that the DNSSEC signatures on the fbi.gov zone expired
2011-11-10 17:37:26 UTC and have not yet been replaced ... :-(

And it's a 3-day weekend in the US, too.  Nice.

I guess DNSSEC sig expiry is the new neglected domain renewal.

;>

-----------------------------------------------------------------------
Roland Dobbins <rdobbins at arbor.net> // <http://www.arbornetworks.com>

		The basis of optimism is sheer terror.

			  -- Oscar Wilde

_______________________________________________
dns-operations mailing list
dns-operations at lists.dns-oarc.net
https://lists.dns-oarc.net/mailman/listinfo/dns-operations
dns-jobs mailing list
https://lists.dns-oarc.net/mailman/listinfo/dns-jobs

More information about the dns-operations mailing list