On Thu, Jan 29, 2015 at 11:42:35PM +0000, Viktor Dukhovni wrote:
On Mon, Jan 26, 2015 at 09:53:12PM +0000, Viktor Dukhovni wrote:
I am now pleased to report that forpsi.cz have fixed all but two of their domains (corner case not addressed by main fix). With any luck hostnet.nl will follow relatively soon.
The top 9 problem DNS hosting providers are now:
481 hostnet.nl 121 citynetwork.se 17 interstroom.nl 10 grdns.cz 10 binero.se 6 metaregistrar.nl 6 swedenmail.com 5 openprovider.eu 4 thosting.cz
It looks like interstroom.nl are done too.
And now hostnet.nl are also done. This leaves just 203 known broken domains, with only the below 11 providers with with more than one broken domain:
121 citynetwork.se 11 grdns.cz 10 binero.se 7 metaregistrar.nl 6 swedenmail.com 4 dnscluster.nl 4 openprovider.eu 2 pretecno.it 2 papaki.gr 2 kniestdns.nl 2 forpsi.net
I am hoping for some good news from citynetwork.se in the not too distant future. At which point I am basically ready to declare victory. The residual problems are essentially noise by comparison with the 1047 DANE-enabled domains, and ~30,000 domains with DNSSEC MX records and MX hosts in signed zones that are neither DANE-enabled (no TLSA records) nor broken.