[dns-operations] glb.cdc.gov nameservers not accepting TCP
Viktor Dukhovni
ietf-dane at dukhovni.org
Wed Oct 20 18:01:44 UTC 2021
On Wed, Oct 20, 2021 at 10:46:21AM -0700, Tim Maestas wrote:
> Anyone have a contact for CDC.gov (or glb.cdc.gov - other than
> hostmaster at cdc.gov which I've already reached out to)?
>
> A response to a +DO query for DNSKEY glb.cdc.gov is 1253 bytes. If the
> EDNS bufsize is <1253 the nameservers for glb.cdc.gov are setting TC=1
> however they do not seem to be accepting TCP queries.
This is IIRC a well-known longstanding issue. It'd be good to see it
resolved. The "Security Contact Email" for cdc.gov is:
<ResponsibleDisclosure at hhs.gov>
which also suggests perhaps reaching out to HHS as well:
<hostmaster at psc.hhs.gov>
--
Viktor.
More information about the dns-operations
mailing list