Skip to Content.
Sympa Menu

discuss - Re: [opennic-discuss] Some notes about DNSSEC

discuss AT lists.opennicproject.org

Subject: Discuss mailing list

List archive

Re: [opennic-discuss] Some notes about DNSSEC


Chronological Thread 
  • From: Jeff Taylor <shdwdrgn AT sourpuss.net>
  • To: discuss AT lists.opennicproject.org
  • Subject: Re: [opennic-discuss] Some notes about DNSSEC
  • Date: Tue, 10 Jun 2014 13:01:36 -0600

Just an update here... I pushed out a fully-signed root zone about an hour ago. I've observed quite a number of servers picking up the new zone, and all the ones I tested were responding with the full dnssec keys. So if anyone wants to start testing the new root, feel free.

One observation that has been made to me already... the keys are self-signed. I don't know what that will affect, but until opennic has their own CA I'm not sure how we can fix it either (or if it actually needs fixed?). If anything is badly broken, I can always revert back to the old (non-signed) root zone.



Archive powered by MHonArc 2.6.19.

Top of Page