Comcast DNSSEC

Peter Kristolaitis alter3d at
Wed Jan 11 01:10:56 UTC 2012

Wow!  Congrats to the Comcast crew, that's absolutely awesome!

Definitely interested in hearing any "lessons learned" that you can 
share from the exercise.

- Pete

On 1/10/2012 6:24 PM, Jeremy Bresley wrote:
> Hadn't seen this mentioned yet.
> Comcast has signed all their managed domains, as well as deployed 
> DNSSEC resolvers for their customers.  And they're encouraging others 
> to make the jump to DNSSEC now as well, especially e-comm/banking sites.
> Nice work guys, any of the Comcast guys on the list want to give us an 
> idea how much work is involved in this from a large-scale service 
> provider perspective to do it?  Any big caveats you encountered that 
> people should watch out for?
> Jeremy "TheBrez" Bresley
> brez at

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4418 bytes
Desc: S/MIME Cryptographic Signature
URL: <>

More information about the NANOG mailing list