.gov DNSSEC operational message

Wessels, Duane dwessels at verisign.com
Wed Aug 14 23:16:37 UTC 2013


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On the morning of August 14, a relatively small number of networks
may have experienced an operational disruption related to the signing
of the .gov zone.  In preparation for a previously announced algorithm
rollover, a software defect resulted in publishing the .gov zone
signed only with DNSSEC algorithm 8 keys rather than with both
algorithm 7 and 8.  As a result .gov name resolution may have failed
for validating recursive name servers.  Upon discovery of the issue,
Verisign took prompt action to restore the valid zone.

Verisign plans to proceed with the previously announced .gov algorithm
rollover at the end of the month with the zone being signed with
both algorithms for a period of approximately 10 days.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.19 (Darwin)
Comment: GPGTools - http://gpgtools.org

iQEcBAEBAgAGBQJSDA5cAAoJEGyZpGmowJiNQEIH/j3Q649aTV2tmNBWWdSweub9
pSONxMRzD+xS5DqAP/P6x6zw3WTI9oAKESWRiaJjwSR23PP5e94sGFjZJoDW5hnW
MqkMGpI2ARB7NNMwYTkwhxK+DFe5fPldSz2eW11AQpy8pSOpVEmVtMW2/lWF1Ykx
Auu4HMqFJ930WvpwlyUL+zM3sbm4Mg1q3nb/QAoK7F541CPlvUCSHeVDgwTGDlqu
3SlGr9ztb0BR3203rA1cqlC//XJ1MXZNkE2cye+mXCIEvXJ4q4cA7QS6m6uq7OzT
hMMmr0R1q+laOiVkdjaDXxXTbxHzviRAGbPLB+DPvOHd0Hg3srWmoCSNKDWEx2M=
=FCd7
-----END PGP SIGNATURE-----





More information about the NANOG mailing list