It does look like the domain is signed again (as of today).
Of course, it doesn't explain why it got stuck.
-derek
On Wed, April 14, 2021 7:17 am, Graham Leggett wrote:
> On 14 Apr 2021, at 10:08, Linas Vepstas wrote:
>
>> I'm deeply unhappy with dnssec; it's the worst technology I've
>> ever
On 14 Apr 2021, at 10:08, Linas Vepstas wrote:
> I'm deeply unhappy with dnssec; it's the worst technology I've
> ever had the displeasure of using. I'm finding it quite difficult
> to avoid writing a tirade.
More and more DNS providers are doing hosted DNSSEC - the full you give us the
TLSA
At this time, the system seems to be automatically signing,
on a timely and regular basis, a file that was manually signed
some months ago, containing the expired signature. Obviously,
this is wrong.
So far, my attempts to get it to not do this have been met with
failure. I've been scouring the