Exclude a domain from DNSSEC validation, like Unbound's "domain-insecure".
Mark Andrews
marka at isc.org
Thu Feb 7 01:26:55 UTC 2013
In message <201302070048.r170mOsG004535 at calcite.rhyolite.com>, Vernon Schryver
writes:
> My view is that if an outfit has so few other users that it doesn't
> hear when things breaks and doesn't care enough to monitor, then it's
> not worth my time to be a pest. By time I notice a problem with a
> non-trivial domain, those responsible will already be on the job and
> I would only an irritating user or luser. They will already have been
> alerted by their monitors as well as hordes of other lusers.
>
> In other words, when did you last alert strangers about lame
> delegations?
When all the servers for the zone were lame.
In the last week I complained about servers for a zone that were
returning A records to AAAA queries. Those servers have since been
fixed.
Before that it was a zone with expired signatures a .com zone.
Before that it was a zone with expired signatures for a TLD.
On average I report something once a month. I don't go looking for problem
but when I see them I report them.
> Vernon Schryver vjs at rhyolite.com
> _______________________________________________
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
> from this list
>
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: marka at isc.org
More information about the bind-users
mailing list