subject:"\[dns\-operations\] Signature expired for the DS of .ch at Cloudflare \?"

Re: [dns-operations] Signature expired for the DS of .ch at Cloudflare ?

2023-10-05 Thread Petr Špaček


On 04. 10. 23 10:38, Stephane Bortzmeyer wrote:

On Wed, Oct 04, 2023 at 10:35:14AM +0200,
  Stephane Bortzmeyer  wrote
  a message of 57 lines which said:


Other instances of Cloudflare has the correct info:

% dig +cd +nsid @1.1.1.1 DS ch.


https://www.cloudflarestatus.com/

Investigating - Cloudflare is aware of, and investigating, DNS resolution 
issues which potentially impacts multiple users using 1.1.1.1 public resolver 
and/or WARP.

Further detail will be provided as more information becomes available.
Oct 04, 2023 - 08:19 UTC


Details are now here:
https://blog.cloudflare.com/1-1-1-1-lookup-failures-on-october-4th-2023/

--
Petr Špaček
Internet Systems Consortium

___
dns-operations mailing list
dns-operations@lists.dns-oarc.net
https://lists.dns-oarc.net/mailman/listinfo/dns-operations

Re: [dns-operations] Signature expired for the DS of .ch at Cloudflare ?

2023-10-04 Thread Marek Vavruša

Hi Stephane,

We published a blog post with RCA and more details here
https://blog.cloudflare.com/1-1-1-1-lookup-failures-on-october-4th-2023/
The issue was the local resolver root zone copy was stale and not
removed from production in some places.
I'm sorry for any issues encountered.

Marek

On Wed, 4 Oct 2023 at 01:53, Stephane Bortzmeyer  wrote:
>
> On Wed, Oct 04, 2023 at 10:35:14AM +0200,
>  Stephane Bortzmeyer  wrote
>  a message of 57 lines which said:
>
> > Other instances of Cloudflare has the correct info:
> >
> > % dig +cd +nsid @1.1.1.1 DS ch.
>
> https://www.cloudflarestatus.com/
>
> Investigating - Cloudflare is aware of, and investigating, DNS resolution 
> issues which potentially impacts multiple users using 1.1.1.1 public resolver 
> and/or WARP.
>
> Further detail will be provided as more information becomes available.
> Oct 04, 2023 - 08:19 UTC
>
> ___
> dns-operations mailing list
> dns-operations@lists.dns-oarc.net
> https://lists.dns-oarc.net/mailman/listinfo/dns-operations
___
dns-operations mailing list
dns-operations@lists.dns-oarc.net
https://lists.dns-oarc.net/mailman/listinfo/dns-operations

Re: [dns-operations] Signature expired for the DS of .ch at Cloudflare ?

2023-10-04 Thread Stephane Bortzmeyer

On Wed, Oct 04, 2023 at 10:35:14AM +0200,
 Stephane Bortzmeyer  wrote 
 a message of 57 lines which said:

> Other instances of Cloudflare has the correct info:
> 
> % dig +cd +nsid @1.1.1.1 DS ch.

https://www.cloudflarestatus.com/

Investigating - Cloudflare is aware of, and investigating, DNS resolution 
issues which potentially impacts multiple users using 1.1.1.1 public resolver 
and/or WARP. 

Further detail will be provided as more information becomes available.
Oct 04, 2023 - 08:19 UTC

___
dns-operations mailing list
dns-operations@lists.dns-oarc.net
https://lists.dns-oarc.net/mailman/listinfo/dns-operations

[dns-operations] Signature expired for the DS of .ch at Cloudflare ?

2023-10-04 Thread Stephane Bortzmeyer

Other instances of Cloudflare has the correct info:

% dig +cd +nsid @1.1.1.1 DS ch.

; <<>> DiG 9.18.12-0ubuntu0.22.04.3-Ubuntu <<>> +cd +nsid @1.1.1.1 DS ch.
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 20816
;; flags: qr aa rd ra cd; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags: do; udp: 1232
; NSID: 35 33 38 6d 31 37 38 ("538m178")
;; QUESTION SECTION:
;ch.IN DS

;; ANSWER SECTION:
ch. 86400 IN DS 10 13 2 (
0E175543A74D9083EA977BAB2BEE98A771995F80982F
B796B2B0B9CC6413D1A6 )
ch. 86400 IN RRSIG DS 8 1 86400 (
2023100405 2023092104 11019 .
U0PZSe2x3/R7P1+TKdnX9DSFxRtfvJIEdnI3q4MhSVuq
jX8HiqpU613EAyLF3s9IINPg+ctOSKWOzULMpZK+sbX9
NBzzRevhbHFziGNgqupscrxFKX7PGvRXKjmwfcfi7X4n
nvOlpsW0glNixT4M4vjdzO2bYDmgwzfwoosDy3r2W5e8
VKBn4lj75nqI/fgtLJQyi2pDHokZ5qRnzQ4/lsajwRsP
CnOgGnmtTyq3HRnI9cng5Lqv6yDHYacIk2Fpte6ehirN
oLwGaSwtWk7Tf1k/GpNKB3kpYb/e8VYVQ7c1ydwk7on7
tVn6hUaNlHpVbj8eFHXQYmRfvAl8+VAMBw== )

;; Query time: 8 msec
;; SERVER: 1.1.1.1#53(1.1.1.1) (UDP)
;; WHEN: Wed Oct 04 10:34:06 CEST 2023
;; MSG SIZE  rcvd: 377

% dig  +nsid @1.1.1.1 DS ch.

; <<>> DiG 9.18.12-0ubuntu0.22.04.3-Ubuntu <<>> +nsid @1.1.1.1 DS ch.
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 52317
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags: do; udp: 1232
; EDE: 7 (Signature Expired): (failed to verify ch. DS: RRSIG ch., expiration = 
1696395600)
; NSID: 35 33 32 6d 33 33 ("532m33")
;; QUESTION SECTION:
;ch.IN DS

;; Query time: 8 msec
;; SERVER: 1.1.1.1#53(1.1.1.1) (UDP)
;; WHEN: Wed Oct 04 10:34:50 CEST 2023
;; MSG SIZE  rcvd: 106
___
dns-operations mailing list
dns-operations@lists.dns-oarc.net
https://lists.dns-oarc.net/mailman/listinfo/dns-operations

Re: [dns-operations] Signature expired for the DS of .ch at Cloudflare ?

Re: [dns-operations] Signature expired for the DS of .ch at Cloudflare ?

Re: [dns-operations] Signature expired for the DS of .ch at Cloudflare ?

[dns-operations] Signature expired for the DS of .ch at Cloudflare ?

4 matches

Site Navigation

Mail list logo

Footer information