Hello;
Running BIND 9.8.2 in RHEL6 (at the latest vendor provided version --
bind-9.8.2-0.17.rc1) and trying to troubleshoot an issue resolving
ic.fbi.gov that seems to be DNSSEC related.
Am fairly certain of this because if I set dnssec-enable and
dnssec-validation to no (have them at 'yes'
From here i see a fast response using the local server:
~
$ dig ic.fbi.gov
; DiG 9.7.6-P1 ic.fbi.gov
;; global options: +cmd
;; Got answer:
;; -HEADER- opcode: QUERY, status: _/*NOERROR*/_, id: 2421
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
It appears to me that the NSEC3 record that is denying the existence of
the DS record for ic.fbi.gov does not have a corresponding RRSIG.
That's based on a fairly cursory glance.
This seems to be the case for all of the NSEC3 records in fbi.gov.
Something's messed up in fbi.gov.
michael
PS:
On Wed, Jul 17, 2013 at 09:49:18AM -0700, Ray Van Dolson wrote:
Hello;
Running BIND 9.8.2 in RHEL6 (at the latest vendor provided version --
bind-9.8.2-0.17.rc1) and trying to troubleshoot an issue resolving
ic.fbi.gov that seems to be DNSSEC related.
Am fairly certain of this because if
On Wed, Jul 17, 2013 at 01:58:25PM -0400, Bill Owens wrote:
On Wed, Jul 17, 2013 at 09:49:18AM -0700, Ray Van Dolson wrote:
Hello;
Running BIND 9.8.2 in RHEL6 (at the latest vendor provided version --
bind-9.8.2-0.17.rc1) and trying to troubleshoot an issue resolving
ic.fbi.gov that
- Original Message -
On Wed, Jul 17, 2013 at 01:58:25PM -0400, Bill Owens wrote:
On Wed, Jul 17, 2013 at 09:49:18AM -0700, Ray Van Dolson wrote:
Hello;
Running BIND 9.8.2 in RHEL6 (at the latest vendor provided
version --
bind-9.8.2-0.17.rc1) and trying to troubleshoot
In message 1673423961.50595218.1374096753729.javamail.r...@k-state.edu, Lawr
ence K. Chen, P.Eng. writes:
- Original Message -
On Wed, Jul 17, 2013 at 01:58:25PM -0400, Bill Owens wrote:
On Wed, Jul 17, 2013 at 09:49:18AM -0700, Ray Van Dolson wrote:
Hello;
Running
On 7/17/13 2:38 PM, Mark Andrews wrote:
In message 1673423961.50595218.1374096753729.javamail.r...@k-state.edu,
Lawr
ence K. Chen, P.Eng. writes:
- Original Message -
On Wed, Jul 17, 2013 at 01:58:25PM -0400, Bill Owens wrote:
On Wed, Jul 17, 2013 at 09:49:18AM -0700, Ray Van
In message 51e712e5.60...@rancid.berkeley.edu, Michael Sinatra writes:
On 7/17/13 2:38 PM, Mark Andrews wrote:
In message 1673423961.50595218.1374096753729.javamail.r...@k-state.edu,
Lawr
ence K. Chen, P.Eng. writes:
- Original Message -
On Wed, Jul 17, 2013 at
On Wed, Jul 17, 2013 at 02:55:49PM -0700, Michael Sinatra wrote:
Try contacting dotgov.gov
regist...@dotgov.gov or 877-734-4688 or 703-948-0723
They'll have phone numbers for the people they need to contact for fbi.gov
to
get things fixed.
Which would not be required if .gov
10 matches
Mail list logo