Just looking quickly, if you look back in dnsviz on Sept 15, I think a KSK roll over didn't go as plan... https://dnsviz.net/d/ke/YyK2rw/dnssec/
Now, here's a nice feature, a play button that shows a step by step of key roll over. -----Original Message----- From: dns-operations <[email protected]> On Behalf Of Bill Woodcock Sent: September 23, 2022 12:45 PM To: Jan-Piet Mens <[email protected]> Cc: [email protected] Subject: [EXT] Re: [dns-operations] Why did .KE go insecure? ns36.cdns.net [Some people who received this message don't often get email from [email protected]. Learn why this is important at https://aka.ms/LearnAboutSenderIdentification ] > On Sep 23, 2022, at 6:09 PM, Jan-Piet Mens via dns-operations > <[email protected]> wrote: > > > From: Jan-Piet Mens <[email protected]> > Subject: Why did .KE go insecure? ns36.cdns.net > Date: September 23, 2022 at 6:09:04 PM GMT+2 > To: [email protected] > > > Out of curiousity, does anybody know why .KE went insecure just after > 2022-09-15 18:37Z [1]? They appear to have removed all DNSSEC related data > meanwhile [2]. Yes. I imagine they’ll make an announcement at some point. It wasn’t to do with a failure of DNSSEC systems. -Bill _______________________________________________ dns-operations mailing list [email protected] https://lists.dns-oarc.net/mailman/listinfo/dns-operations
