Is the FBI's DNSSEC broken?

John Levine johnl at
Wed Sep 4 09:04:41 UTC 2013

In article <52265AA4.6000404 at> you write:
>Le 03/09/2013 23:28, John Levine a écrit :
>>>> On Fri, Aug 30, 2013 at 10:27:36PM +0000, John Levine wrote:
>>>>> I don't claim to be a big DNSSEC expert, but this looks just plain
>>>>> wrong to me, and unbound agrees, turning it into a SERVFAIL.
>> I heard back, seems like I found someone at the FBI who was able to
>> explain the problem to Neustar (DNS software provider) who say they
>> will fix it.
>So, what was the problem then?

What we said it was, missing signatures on some NODATA results.

More information about the NANOG mailing list