[dns-operations] Quad9 DNSSEC Validation?
marka at isc.org
Mon Mar 1 18:46:38 UTC 2021
It also doesn’t help that Whois is not particularly useful. It has improved but if you can’t report faults they don’t get fixed.
> On 2 Mar 2021, at 05:29, Paul Vixie <paul at redbarn.org> wrote:
> On Mon, Mar 01, 2021 at 08:21:21AM -0500, Jim Popovitch via dns-operations wrote:
>> Over on the email side, I know of several instances in the past 5+ years
>> where email providers have had to disable TLS and/or DANE/DNSSEC checks
>> (i.e. postfix's smtp_tls_policy_maps) for .mil and .gov domains due
>> mostly in part for poor key rollover management practives/monitoring.
> so, this is a game of "chicken" where the wrong people keep flinching.
> Paul Vixie
> dns-operations mailing list
> dns-operations at lists.dns-oarc.net
More information about the dns-operations