On Sat, Nov 07, 2015 at 01:09:37PM -0800, Glen wrote:
I'll open a trouble ticket with Afilias; however, for the moment, I
have re-signed all the files locally, and done a serial number
increment, and pushed them to Afilias. I will watch to see if that
clears it.
Looks better now:
http://dnsviz.net/d/irtf.org/dnssec/
I highly recommend automated monitoring of RRSIG lifetimes of at
least the core zone apex records: DNSKEY, NS, SOA and MX across
all the nameservers, master and slaves. I'm doing it for my own
zones, to avoid any surprises with failure of replication or refresh
of signatures on the master. The watched kettle has not boiled yet.
Also, please let me remind everyone on the list that the reporting
address for things of this type is ietf-action(_at_)ietf(_dot_)org.
I'll squirrel that away.
--
Viktor.