[dns-operations] 172.in-addr.arpa DNSSEC broken
Stephane Bortzmeyer
bortzmeyer at nic.fr
Tue May 20 20:22:13 UTC 2014
On Tue, May 20, 2014 at 04:14:27PM -0400,
Jared Mauch <jared at puck.nether.net> wrote
a message of 20 lines which said:
> > http://dnsviz.net/d/16.172.in-addr.arpa
>
> Is this perhaps related to AS112 project as well or 172.16 zones
> being built-in to some resolvers?
The OP made a small typo in the URL. The problem is indeed in
172.in-addr.arpa (botched rollover, it seems, old KSK 30729 removed
from the zone while the DS was - is - still in many caches).
http://dnsviz.net/d/172.in-addr.arpa/U3tYdw/dnssec/
I wonder when DNSSEC will be taken seriously, and the rollovers done
by properly written and tested programs :-(
More information about the dns-operations
mailing list