Thank you Mark. Your insight and detail is
always helpful and immensely appreciated. For
what it's worth, I will make it a point to reach
out to the relevant parties to grouse to the
extent possible about the damage done by
DNS servers authoritative for DNSSEC signed
zones that aren't properly su
Archives.org is served by the following servers.
archives.gov. 300 IN NS sauthns1.qwest.net.
archives.gov. 300 IN NS sauthns2.qwest.net.
Those servers return BADVERS to EDNS(0) queries with a EDNS option
present. BADVERS is NEVER a valid rcode to
Ah, you are awesome Carl! Thank
you!! And doh, stupid me. I was
emailing the wrong people.
On Wed, Apr 11, 2018 at 11:45 AM, Carl Byington wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA512
>
> On Wed, 2018-04-11 at 11:28 -0700, Mark Boolootian wrote:
>
>
>> I'm wondering if anyone fr
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On Wed, 2018-04-11 at 11:28 -0700, Mark Boolootian wrote:
> I'm wondering if anyone from this august group
> can clue me in to how I might config around this
> issue for the archives.gov servers (assuming that
> is possible).
// 9-11commission.gov
Hi folks,
I upgraded out of 9.10 and into 9.12
last week. Subsequent to that, I received
complaints about hosts in archives.gov
failing to resolve.
We run validating recursive servers, and
archives.gov is signed.
I've poked at this but concluded I lack
enough DNS foo to understand the specifics
5 matches
Mail list logo