Tony Finch · Oct 11, 2018 · 9:24 AM UTC

Tony Finch

Tony Finch @fanf

11 Oct 2018

Checking ahead of the DNSSEC root KSK rollover ... all my resolvers have a ttl > 24h for the root DNSKEY RRset, so I plan to give them a delicate kick after H-hour to ensure things are OK before I head to Amsterdam tomorrow

Daniel Silverstone 💉💉💉💉² 🏳️‍🌈🇬🇧 · Oct 11, 2018 · 9:28 AM UTC

Daniel Silverstone 💉💉💉💉² 🏳️‍🌈🇬🇧 @dsilverstone

11 Oct 2018

I've had to deal with a number of KSK rollovers for the first time in production recently. I only fluffed up one of them (the most important one) :-) I need to see if I can automate GANDI to update the KSKs

Tony Finch · Oct 11, 2018 · 9:32 AM UTC

Tony Finch @fanf

11 Oct 2018

I have some old half-finished code for talking to their XML-RPC service, but I don't know if that is still a thing after their revamp (I'm gradually moving our non ac.uk domains for stupid biiling reasons)

Daniel Silverstone 💉💉💉💉² 🏳️‍🌈🇬🇧 · Oct 11, 2018 · 9:58 AM UTC

Daniel Silverstone 💉💉💉💉² 🏳️‍🌈🇬🇧 · Oct 11, 2018 · 9:58 AM UTC

Daniel Silverstone 💉💉💉💉² 🏳️‍🌈🇬🇧 @dsilverstone

11 Oct 2018

Replying to @fanf

Mmm, I just want a way to send them signed instructions for DNS changes. PGP signed email would be fine :-D

Oct 11, 2018 · 9:58 AM UTC

Tony Finch · Oct 11, 2018 · 9:59 AM UTC

Tony Finch @fanf

11 Oct 2018

Replying to @dsilverstone

Even nominet has abolished their pgp automaton :-(

Daniel Silverstone 💉💉💉💉² 🏳️‍🌈🇬🇧 · Oct 11, 2018 · 10:01 AM UTC

Daniel Silverstone 💉💉💉💉² 🏳️‍🌈🇬🇧 @dsilverstone

11 Oct 2018

Sadness.