Exclude a domain from DNSSEC validation, like Unbound's "domain-insecure".

Mark Andrews marka at isc.org
Thu Feb 7 01:26:55 UTC 2013


In message <201302070048.r170mOsG004535 at calcite.rhyolite.com>, Vernon Schryver 
writes:
> My view is that if an outfit has so few other users that it doesn't
> hear when things breaks and doesn't care enough to monitor, then it's
> not worth my time to be a pest.  By time I notice a problem with a
> non-trivial domain, those responsible will already be on the job and
> I would only an irritating user or luser.  They will already have been
> alerted by their monitors as well as hordes of other lusers.
> 
> In other words, when did you last alert strangers about lame
> delegations?

When all the servers for the zone were lame.

In the last week I complained about servers for a zone that were
returning A records to AAAA queries.  Those servers have since been
fixed.

Before that it was a zone with expired signatures a .com zone.

Before that it was a zone with expired signatures for a TLD.

On average I report something once a month.  I don't go looking for problem
but when I see them I report them.

> Vernon Schryver    vjs at rhyolite.com
> _______________________________________________
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
>  from this list
> 
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: marka at isc.org



More information about the bind-users mailing list