[GNC-dev] Gnucash.org DNSSec expired March 14th.

Linas Vepstas linasvepstas at gmail.com
Wed Apr 14 01:10:22 EDT 2021


At this time, the system seems to be automatically signing,
on a timely and regular basis, a file that was manually signed
some months ago, containing the expired signature. Obviously,
this is wrong.

So far, my attempts to get it to not do this have been met with
failure. I've been scouring the documentation and the blog
articles, and my version of bind9 does not seem to do what
all the bloggers and docs say it should; at least, not without
cryptic errors of all varieties.  I'll try again tomorrow.

I'm deeply unhappy with dnssec; it's the worst technology I've
ever had the displeasure of using. I'm finding it quite difficult
to avoid writing a tirade.

--linas

On Tue, Apr 6, 2021 at 7:28 PM Derek Atkins <derek at ihtfp.com> wrote:

> Hi Linas,
>
> The GnuCash DNSSec signer stopped working a month ago and the domain
> signatures expired March 14th.  Any chance you could kick it?
>
> Also, any chance we could set up some validator to notify if the
> expiration is impending?
>
> Thanks,
>
> -derek
>
> --
>        Derek Atkins                 617-623-3745
>        derek at ihtfp.com             www.ihtfp.com
>        Computer and Internet Security Consultant
>
>

-- 
Patrick: Are they laughing at us?
Sponge Bob: No, Patrick, they are laughing next to us.


More information about the gnucash-devel mailing list