RE: Broken trust chain presumably due to some zone operators using LetsEncrypt certificates

Ondřej Surý said: > Hi Richard, > this is not the case. > slack.com botched their DS/DNSKEY deployment (there’s a thread on > dns-operations about it). Thanks for the correction, my mistake. Apologies for the list spam! Richard. ___ Please visit https

Re: Broken trust chain presumably due to some zone operators using LetsEncrypt certificates

Hi Richard, this is not the case. slack.com botched their DS/DNSKEY deployment (there’s a thread on dns-operations about it). Ondrej -- Ondřej Surý (He/Him) ond...@isc.org > On 1. 10. 2021, at 18:46, Richard T.A. Neal wrote: > > For those of you facing a curious issue with BIND failing to re

Broken trust chain presumably due to some zone operators using LetsEncrypt certificates

For those of you facing a curious issue with BIND failing to resolve records for some zones today it’s not necessarily BIND having “a Friday moment” 😊 It looks like the LetsEncrypt root certificate expiry is even impacting some DNSSEC zones that have used a LetsEncrypt certificate to sign their