nanog mailing list archives
Re: Comcast DNSSEC
From: Robert Bonomi <bonomi () mail r-bonomi com>
Date: Wed, 11 Jan 2012 01:05:26 -0600 (CST)
From nanog-bounces+bonomi=mail.r-bonomi.com () nanog org Wed Jan 11 00:02:13 2012 Date: Wed, 11 Jan 2012 00:58:31 -0500 From: Scott Schmit <i.grok () comcast net> To: nanog () nanog org Subject: Re: Comcast DNSSEC On Tue, Jan 10, 2012 at 05:24:47PM -0600, Jeremy Bresley wrote:Hadn't seen this mentioned yet. http://blog.comcast.com/2012/01/comcast-completes-dnssec-deployment.html Comcast has signed all their managed domains, as well as deployed DNSSEC resolvers for their customers. And they're encouraging others to make the jump to DNSSEC now as well, especially e-comm/banking sites.Very cool, but they haven't signed *all* of them. comcast.net still isn't signed, nor are any of the reverse zones, nor is comcastonline.com (in Comcast's SOAs). You can probably quibble about whether the reverse zones are important, but comcast.net is quite a significant miss. (Email, DNS, their "more information links", etc.) Still, I'm glad they're doing it, and hopefully reality will catch up with their announcement soon. :-) -- Scott Schmit
Current thread:
- Comcast DNSSEC Jeremy Bresley (Jan 10)
- Re: Comcast DNSSEC Peter Kristolaitis (Jan 10)
- Re: Comcast DNSSEC Cameron Byrne (Jan 10)
- Re: Comcast DNSSEC Scott Schmit (Jan 10)
- Re: Comcast DNSSEC Robert Bonomi (Jan 10)
- Re: Comcast DNSSEC Livingood, Jason (Jan 11)
- Re: Comcast DNSSEC Peter Kristolaitis (Jan 10)