[LACNIC/Seguridad] [lacnog] DNSSEC validation issue en Nominet
Francisco Arias
francisco en arias.com.mx
Vie Sep 24 12:56:42 BRT 2010
Nominet acaba de publicar un reporte sobre el incidente.
Saludos,
Francisco.
---------- Forwarded message ----------
From: Roy Arends <roy en dnss.ec>
Date: 24 September 2010 05:21
Subject: [Dnssec-deployment] DNSSEC Incident Report
To: dnssec-deployment en dnssec-deployment.org
Cc: Roy Arends <roy en nominet.org.uk>
Hi,
We've put together an incident report on validation issues two weeks ago:
http://blog.nominet.org.uk/tech/2010/09/24/dnssec-incident-report/
Kind regards,
Roy Arends
Head of Research
Nominet UK
2010/9/13 Carlos Martinez <carlosmarcelomartinez en gmail.com>:
> Ups... tenemos que tener cuidado con estas cosas! ¿Como que el backup no
> tenia las mismas claves?
>
> 2010/9/11 Arturo Servin <aservin en lacnic.net>
>>
>>
>> http://www.nominet.org.uk/registrars/systems/serviceannouncements/?contentId=7872
>> >>>>
>> DNSSEC validation issue
>>
>>
>> Due to a failure of a Hardware Security Module (HSM), as a matter of
>> precaution, we failed over to our backup signing system this afternoon. As
>> the backup system did not use the exact same Zone Signing Keys (ZSK), there
>> is the possibility of validation failures. To make sure validators use the
>> correct zone signing keys, caches might need to be flushed.
>>
>>
>> <<<<
>> _______________________________________________
>> LACNOG mailing list
>> LACNOG en lacnic.net
>> https://mail.lacnic.net/mailman/listinfo/lacnog
>>
>
>
>
> --
> ========================
> Carlos M. Martinez-Cagnazzo
> http://cagnazzo.name
> ========================
>
> _______________________________________________
> LACNOG mailing list
> LACNOG en lacnic.net
> https://mail.lacnic.net/mailman/listinfo/lacnog
>
>
Más información sobre la lista de distribución Seguridad