Is it me or does energystar.gov no longer validate?
Ralph Dolmans
ralph at nlnetlabs.nl
Wed Jan 23 10:16:33 UTC 2019
Hi Rainer,
On 23-01-19 10:55, Rainer Duffner via Unbound-users wrote:
> Hi,
>
> somebody complained that our resolvers could no longer resolve
> energystar.gov
>
> https://dnssec-analyzer.verisignlabs.com/energystar.gov
>
> It seems the reports of the crumbling security of the .gov domain as a
> side-effect of the shutdown aren't exaggerated:
>
> https://news.netcraft.com/archives/2019/01/10/gov-security-falters-during-u-s-shutdown.html
>
>
>
> Or am I doing something wrong?
You are not wrong here, the zone contains expired signatures and does
therefore not validate.
-- Ralph
>
>
> Strange enough, our AD resolvers that forward to our unbound validating
> resolvers still report an IP, with a TTL of 0 (zero, nought).
>
>
>
> Rainer
More information about the Unbound-users
mailing list