[Dnssec-trigger] A new kind of broken hotspot: RRSIG are OK but NSEC3 are deleted
Stephane Bortzmeyer
bortzmeyer at nic.fr
Fri Oct 28 18:32:02 UTC 2011
On Thu, Oct 27, 2011 at 07:18:51PM +0200,
W.C.A. Wijngaards <wouter at NLnetLabs.nl> wrote
a message of 43 lines which said:
> If you are still at the hotspot, it should now work (well, probe that it
> does *not* work) :-)
No need to go so far, at the RIPE meeting in Vienna, the hotel has a
broken resolver :-)
This is with 0.7, which seems to detect it and falls back to the authority:
% dnssec-trigger-control status
at 2011-10-28 20:15:40
authority 202.12.27.33: OK
cache 10.0.0.1: error no NSEC3 in nodata reply
state: auth secure
More information about the dnssec-trigger
mailing list