[dns-operations] Quad9 DNSSEC Validation?
Brian Dickson
brian.peter.dickson at gmail.com
Mon Mar 1 22:40:38 UTC 2021
On Mon, Mar 1, 2021 at 2:16 PM Viktor Dukhovni <ietf-dane at dukhovni.org>
wrote:
> On Mon, Mar 01, 2021 at 09:12:38AM +0100, Petr Špaček wrote:
>
> > In my experience negative trust anchors for big parts of MIL and/or GOV
> > are way more common, let's not pick specifically on Quad9. For periods
> > of time I have seen with other big resolver operators as well.
>
> On the .gov side, just 10 of 1239 domains fail to return validated
> DNSKEY RRsets (with rounded number of weeks duration):
>
> weeks | domain
> -------+----------------------------
>
> 148 | uscapitolpolice.gov
Just an observation, in terms of real world implications of DNSSEC
validation failures:
I hope this wasn't in any way a contributing factor in the 2021-01-06
events/response.
Brian
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.dns-oarc.net/pipermail/dns-operations/attachments/20210301/5391af05/attachment.html>
More information about the dns-operations
mailing list