[dns-operations] DNSSEC validation - salliemae.com
Robert Blayzor
rblayzor.bulk at inoc.net
Thu Aug 8 18:27:23 UTC 2019
On 8/8/19 2:07 PM, Joe Abley wrote:
> I get a response with a signature:
>
> [anchovy:~]% dig @184.105.193.74 salliemae.com IN A +dnssec +multiline
I think it was more my point is that their NS records and SOA records
return a bad signature and hence SERVFAIL.
I would probably expect that to cause all kinds of other problems;
perhaps thats the reason why it's broken in unbound.
This is the only domain I'm having a problem with with unbound
resolving. Like I said, in unbound I'm sometimes getting a timeout and
other times just getting a SERVFAIL.
--
inoc.net!rblayzor
XMPP: rblayzor.AT.inoc.net
PGP: https://pgp.inoc.net/rblayzor/
More information about the dns-operations
mailing list