[dns-operations] nsf.gov DNS is broken
Stephane Bortzmeyer
bortzmeyer at nic.fr
Thu Mar 13 07:48:09 UTC 2014
On Wed, Mar 12, 2014 at 02:10:01PM -0700,
Michael Sinatra <michael at rancid.berkeley.edu> wrote
a message of 16 lines which said:
> nsf.gov's DNS is broken. NSF has apparently made the classic USGBKR
> (US Government Botched KSK Rollover). Basically, the DS record in
> the parent zone (.gov) points to a KSK that is in the nsf.gov zone,
> but isn't being used to sign the active ZSK (or anything else, for
> that matter).
The problem seems now solved but, if you want to see what it looked
like, DNSviz history has it:
http://dnsviz.net/d/nsf.gov/UyEzYw/dnssec/
More information about the dns-operations
mailing list