Hi swinog / init7
Thanks @adrian for the report and @daniel for pointing out the NXDOMAIN issue.
Maybe this is well-known, but I would like to point out that this swinog list
has a problem with DKIM and SPF.
1) DKIM: not valid ("message has been altered") because of the email forwarding
withou
Luckily I have some historic .ch zone data laying around, so I did a quick
analysis of the number of ALG-7 / ALG-5 / DS-1 domains, please find the
numbers below.
Seems the wipe-out has been performed in chunks, maybe by registrar. SWITCH
willing to share some info?
Also interesing to see that the
Hey SWINOGgers,
I noticed that DNSSEC was somehow auto-disabled at registry level for some .ch
domains I am responsible for.
For these domains, no DS records are published anymore in the .ch zone, dnsviz
shows a broken chain of trust.
However, registrar data still shows that DNSSEC is enabled, b
Thanks Daniel for your helpful answers. Yes, CDS is also something I always
wanted to try, but as usual: no hard pressure, no time... ;-)
BenoƮt Panizzon wrote:
> From their point of view, my 'algo 5' .ch domains have still DNSSEC active
Basically the same behavior I had with my 'algo 7' domains
Hi all,
Thanks for your replies, you basically backed my work assumption concerning
deprecated algorithms, good to know.
However, this raises some questions about the chosen proceeding of "just
wiping" algo 5/7 and digest 1 DS records from the .ch zone...
Affected domain holders should and cou
Hey SWINOGgers,
I noticed that DNSSEC was somehow auto-disabled at registry level for some .ch
domains I am responsible for.
For these domains, no DS records are published anymore in the .ch zone, dnsviz
shows a broken chain of trust.
However, registrar data still shows that DNSSEC is enabled, b
6 matches
Mail list logo