Re: login.authorize.net has A and CNAME records

[Tony Finch <dot () dotat at>]

Seth Mattinen <sethm () rollernet us> wrote:
> I'm beginning to think this is a DNSSEC related problem, I'll ask on the
> pdns-users list. I see it's asking for a DS record on
> login.authorize.net.cdn.cloudflare.net when the nearest one appears to be at
> cloudflare.net, so for some reason that's not being applied all the way down.

The probem is that your resolver is trying to prove that
login.authorize.net.cdn.cloudflare.net isn't a delegation point by
querying for its DS record(s). The Cloudflare authoritative DNS servers
return a SERVFAIL for this query, so your resolver isn't able to validate
the answer.

(I also replied on the pdns-users list)

Tony.
-- 
f.anthony.n.finch  <dot () dotat at>  https://dotat.at/
Lyme Regis to Lands End including the Isles of Scilly: North or
northwest 5 or 6, occasionally 7 at first near headlands, decreasing 2
to 4. Slight or moderate, becoming smooth in east. Showers, wintry at
first. Good, occasionally moderate at first.