[118108] in North American Network Operators' Group

home help back first fref pref prev next nref lref last post

Re: .se disappeared?

daemon@ATHENA.MIT.EDU (Hauke Lampe)
Mon Oct 12 18:25:15 2009

Date: Tue, 13 Oct 2009 00:23:46 +0200
From: Hauke Lampe <list+nanog@hauke-lampe.de>
To: Mikael Abrahamsson <swmike@swm.pp.se>
In-Reply-To: <alpine.DEB.1.10.0910122255280.5824@uplift.swm.pp.se>
Cc: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org

This is an OpenPGP/MIME signed message (RFC 2440 and 3156)
--------------enig4B38F853400AE038F802AF53
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable

Mikael Abrahamsson wrote:

> All .se cctld-servers are now updated, so if you're still seeing
> problems, please reload your resolvers.

Even after a cache reload, the SOA record appears still bogus:

| se has SOA record catcher-in-the-rye.nic.se. registry-default.nic.se.
2009101211 1800 1800 2419200 7200 (BOGUS (security failure))

even though other records are unaffected:

| se has NS record a.ns.se. (secure)

BIND logs a failure but returns an answer without AD flag:

| named[2843]: validating @0xb50c0030: se SOA: no valid signature found

~$ dig +dnssec -t mx se

; <<>> DiG 9.7.0a3 <<>> +dnssec -t mx se
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 55359
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 4, ADDITIONAL: 1
[...]

Unbound returns SERVFAIL instead. I don't quite understand why BIND
doesn't so, too.


Hauke.


--------------enig4B38F853400AE038F802AF53
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEARECAAYFAkrTrIUACgkQKIgAG9lfHFP7XQCdGRfhBO+lqFwqZ97oiuBkcqlH
H38AoI4aOn9fg5pR6WVGfcEEK0Hj0FLB
=wYG+
-----END PGP SIGNATURE-----

--------------enig4B38F853400AE038F802AF53--
home help back first fref pref prev next nref lref last post