[dns-operations] A report on a DNS issue that was causing page redirections

Stephane Bortzmeyer bortzmeyer at nic.fr
Wed Aug 13 07:38:33 UTC 2014

On Tue, Aug 12, 2014 at 06:59:37PM +0200,
 Stephane Bortzmeyer <bortzmeyer at nic.fr> wrote 
 a message of 14 lines which said:

> The author says "your domain name registrar can introduce an error to
> the root domain database and match your domain to an incorrect DNS
> servers (this actually happened earlier in history of some domain
> registrars)" but my human memory cannot find an actual documented
> case. Anyone can mention one or was it just speculation?

One case mentioned by Tony which is not exactly that, but close:


One mentioned in ANSSI's guide on DNS:


[If you take Network Solutions' words literally...]
> DNSSEC would have mitigated the problem if the domain had been
> properly managed, which was apparently not the case.

Someone asked me to be more precise: if the DNS hoster does both the
provisioning (including the signing) and the publication on its DNS
servers, then, DNSSEC would not help (GIGO). But if the user does the
provisioning / signing, and relies on the DNS hoster just for
publication (the user being just a stealth master), DNSSEC would
protect against blunders by the DNS hoster.

More information about the dns-operations mailing list