[AusNOG] DNSSEC on audns.net.au
Mark Andrews
marka at isc.org
Fri Dec 4 18:20:10 EST 2015
In message <566139A3.3020403 at hostaway.net.au>, Ender writes:
> Hi all,
>
> I've just noticed that I can't resolve whois.audns.net.au anymore, and a
> little bit of pokey suggests they resigned that domain today with a
> non-published key.
>
> If I'm reading this right, they're referencing keyid 63625 but only
> publishing keys 48255 and 3410... can anyone confirm that this is a
> signing issue and not some
> bad mojo on my resolvers?
The DS and DNSKEY's don't match. The simplest way to check this
is to throw it at a DNSSEC checker. Note the 2 red errors.
http://dnssec-debugger.verisignlabs.com/whois.audns.net.au
Mark
> Thanks!
> Ender
>
> _______________________________________________
> AusNOG mailing list
> AusNOG at lists.ausnog.net
> http://lists.ausnog.net/mailman/listinfo/ausnog
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: marka at isc.org
More information about the AusNOG
mailing list