DNSSEC on the resolver-side?

Marco Davids (Prive) mdavids at forfun.net
Wed Mar 23 06:58:19 CDT 2011


Hi,

I wonder... How many people here have activated DNSSEC validation on their 
resolvers?

Please let me know off-list when the page below results in a green tick:

http://dnssectest.sidn.nl/

Additional details are welcome, like:

- The IP-address of the resolver(s) you used (if you know)
- Whether this is an 'official' resolver at an ISP or not
- You current IP-address, or the ISP you are at (http://ip.sidn.nl might be 
helpful).

Maybe some of you DNS-gurus are even able to tell why DNSSEC validation failed, 
even when using DNSSEC-enabled resolvers. For example because of some 
old-school DNS-forwarder in your ADSL modem or something. That would be 
great information also.

The reason for this post is just for me to get a rough understanding of the 
level of DNSSEC adoption on the resolver-side and the problems that 
might still exist with DNSSEC validation.

The NANOG wiki (http://nanog.cluepon.net) has nothing 
about DNSSEC yet. Would it be an idea to add something about DNSSEC? I am more 
than willing to do the kick-off for that.

Regards,

--
Marco




More information about the NANOG mailing list