[dns-operations] Why did .KE go insecure? ns36.cdns.net

Jacques Latour Jacques.Latour at cira.ca
Fri Sep 23 17:27:42 UTC 2022

Just looking quickly, if you look back in dnsviz on Sept 15, I think a KSK roll over didn't go as plan... https://dnsviz.net/d/ke/YyK2rw/dnssec/

Now, here's a nice feature, a play button that shows a step by step of key roll over.

-----Original Message-----
From: dns-operations <dns-operations-bounces at dns-oarc.net> On Behalf Of Bill Woodcock
Sent: September 23, 2022 12:45 PM
To: Jan-Piet Mens <list at mens.de>
Cc: dns-operations at lists.dns-oarc.net
Subject: [EXT] Re: [dns-operations] Why did .KE go insecure? ns36.cdns.net

[Some people who received this message don't often get email from woody at pch.net. Learn why this is important at https://aka.ms/LearnAboutSenderIdentification ]

> On Sep 23, 2022, at 6:09 PM, Jan-Piet Mens via dns-operations <dns-operations at dns-oarc.net> wrote:
> From: Jan-Piet Mens <list at mens.de>
> Subject: Why did .KE go insecure? ns36.cdns.net
> Date: September 23, 2022 at 6:09:04 PM GMT+2
> To: dns-operations at lists.dns-oarc.net
> Out of curiousity, does anybody know why .KE went insecure just after
> 2022-09-15 18:37Z [1]?  They appear to have removed all DNSSEC related data
> meanwhile [2].

Yes.  I imagine they’ll make an announcement at some point.  It wasn’t to do with a failure of DNSSEC systems.


More information about the dns-operations mailing list