[dns-operations] It's begun...
Chris Thompson
cet1 at cam.ac.uk
Thu Oct 24 13:12:10 UTC 2013
At 13:01 23-10-2013, Edward Lewis wrote:
>My sensors show 4 new gTLDs in the last hour or so...IDN,
>non-ccTLD...added between 1800 and 1900 UTC.
Not mentioned yet is that all four appeared already signed and with
DS records in the root zone.
But... the two Cyrillic gTLDs (xn--80asehdb & xn--80aswg) are a bit
broken, in that NXDOMAIN responses don't validate properly. Neither
dnssec-debugger.verisignlabs.com nor dnsviz.net are able to analyse
validations problems for NXDOMAIN responses, so I am not quite sure
why yet, but e.g.
dig +dnssec www.xn--80asehdb.
dig +dnssec www.xn--80aswg.
give SERVFAILs which can be avoided by adding the +cd option.
--
Chris Thompson University of Cambridge Computing Service,
Email: cet1 at ucs.cam.ac.uk Roger Needham Building, 7 JJ Thomson Avenue,
Phone: +44 1223 334715 Cambridge CB3 0RB, United Kingdom.
More information about the dns-operations
mailing list