forked from critical/dns-zones
12f67876e4
Drop A records for audit.cacert.org and dev.cacert.org (no longer existing) and add A record for openppm.cacert.org, per e-mail request from Benedik Heintel on June 1, 2014. Add resource records for critmon.cacert.org. git-svn-id: http://svn.cacert.org/CAcert/SystemAdministration/ns/var/opendnssec/unsigned@2560 14b1bab8-4ef6-0310-b690-991c95c89dfd
397 lines
17 KiB
Text
397 lines
17 KiB
Text
|
|
RCS file: /var/opendnssec/unsigned/RCS/cacert.org,v
|
|
Working file: /var/opendnssec/unsigned/cacert.org
|
|
head: 1.82
|
|
branch:
|
|
locks: strict
|
|
access list:
|
|
symbolic names:
|
|
keyword substitution: kv
|
|
total revisions: 82; selected revisions: 82
|
|
description:
|
|
cacert.org - zone file for cacert.org
|
|
----------------------------
|
|
revision 1.82
|
|
date: 2014/06/10 13:03:07; author: root; state: Exp; lines: +11 -2
|
|
Add resource records for critmon.cacert.org.
|
|
----------------------------
|
|
revision 1.81
|
|
date: 2014/06/01 07:40:21; author: root; state: Exp; lines: +4 -6
|
|
Drop A records for audit.cacert.org and dev.cacert.org (no longer existing) and
|
|
add A record for openppm.cacert.org, per e-mail request from Benedik Heintel on
|
|
June 1, 2014.
|
|
----------------------------
|
|
revision 1.80
|
|
date: 2014/05/30 15:29:52; author: root; state: Exp; lines: +6 -2
|
|
Add some missing SSHFP records for infrastructure.cacert.org.
|
|
----------------------------
|
|
revision 1.79
|
|
date: 2014/04/07 14:12:09; author: root; state: Exp; lines: +3 -2
|
|
Add experimental AAAA record for ocsp-ipv6.cacert.org.
|
|
----------------------------
|
|
revision 1.78
|
|
date: 2014/02/23 20:39:43; author: root; state: Exp; lines: +6 -2
|
|
Add two CNAME records per e-mail request from Mario Lipinski on 23.02.2014.
|
|
----------------------------
|
|
revision 1.77
|
|
date: 2014/02/08 12:20:55; author: root; state: Exp; lines: +4 -4
|
|
Remove SSHFP records for monitor.cacert.org, because they are illegal: monitor is a CNAME.
|
|
Add CNAME records for www.test.cacert.org and www.test2.cacert.org per e-mail request
|
|
from Mario Lipinski on 08.02.2014.
|
|
----------------------------
|
|
revision 1.76
|
|
date: 2014/02/06 15:40:10; author: root; state: Exp; lines: +73 -5
|
|
Add SSHFP records for infrastructure hosts.
|
|
Reorganize layout for better readability and maintainability.
|
|
----------------------------
|
|
revision 1.75
|
|
date: 2014/02/06 13:43:11; author: root; state: Exp; lines: +7 -7
|
|
Remove indentation added in previous commit: it is not allowed by ods-signer.
|
|
----------------------------
|
|
revision 1.74
|
|
date: 2014/02/06 13:37:58; author: root; state: Exp; lines: +9 -5
|
|
Name changes per e-mail request from Mario Lipinski on 05.02.2014.
|
|
----------------------------
|
|
revision 1.73
|
|
date: 2014/01/29 13:24:18; author: root; state: Exp; lines: +6 -2
|
|
Add four new infrastructure systems.
|
|
----------------------------
|
|
revision 1.72
|
|
date: 2014/01/27 16:03:20; author: root; state: Exp; lines: +3 -2
|
|
Add AAAA record for ns1.cacert.org.
|
|
----------------------------
|
|
revision 1.71
|
|
date: 2014/01/25 16:50:15; author: root; state: Exp; lines: +4 -2
|
|
Add SSHFP records for hopper.
|
|
----------------------------
|
|
revision 1.70
|
|
date: 2014/01/25 16:46:14; author: root; state: Exp; lines: +3 -2
|
|
Add IPv6 address for hopper.cacert.org.
|
|
----------------------------
|
|
revision 1.69
|
|
date: 2014/01/23 15:37:34; author: root; state: Exp; lines: +3 -2
|
|
Add A record for eu.cacert.org (which is actually cacert.eu),
|
|
to show that the IPv4 address in our range is taken.
|
|
----------------------------
|
|
revision 1.68
|
|
date: 2013/12/20 16:04:43; author: root; state: Exp; lines: +2 -4
|
|
Drop wwwmail (mail name for www server) from the DNS.
|
|
----------------------------
|
|
revision 1.67
|
|
date: 2013/12/17 16:27:00; author: root; state: Exp; lines: +10 -9
|
|
Updates requested by Mario Lipinski (e-mail 14.12.2013).
|
|
----------------------------
|
|
revision 1.66
|
|
date: 2013/12/11 15:47:08; author: root; state: Exp; lines: +14 -2
|
|
Add SSHFP records for cacert-fw01 and cacert-fw02.
|
|
----------------------------
|
|
revision 1.65
|
|
date: 2013/12/09 13:52:36; author: root; state: Exp; lines: +8 -2
|
|
Add address records for cacert-fw, cacert-fw01 and cacert-fw02.
|
|
----------------------------
|
|
revision 1.64
|
|
date: 2013/11/27 16:37:59; author: root; state: Exp; lines: +3 -3
|
|
Update TXT spf1 record for blog.cacert.org.
|
|
----------------------------
|
|
revision 1.63
|
|
date: 2013/10/26 19:53:08; author: root; state: Exp; lines: +3 -3
|
|
Include more addresses in SPF record for cacert.org, since the mail probes
|
|
from the web server may come from different addresses (sad but true).
|
|
----------------------------
|
|
revision 1.62
|
|
date: 2013/10/24 15:45:16; author: root; state: Exp; lines: +3 -2
|
|
Add SPF record for cacert.org.
|
|
----------------------------
|
|
revision 1.61
|
|
date: 2013/06/01 08:55:22; author: root; state: Exp; lines: +4 -4
|
|
Update A and AAAA records for ns3 after server migration of mars.overmeer.net.
|
|
----------------------------
|
|
revision 1.60
|
|
date: 2013/05/14 10:37:19; author: root; state: Exp; lines: +2 -7
|
|
Drop obsolete name 'hlin' from the cacert.org zone.
|
|
Drop wwwdb and securedb entries which were added for testing new web server.
|
|
----------------------------
|
|
revision 1.59
|
|
date: 2013/03/17 10:19:32; author: root; state: Exp; lines: +2 -5
|
|
Drop nameserver ns2 because it will be taken out of service soon.
|
|
A corresponding change has already been made in the GKG.NET registry.
|
|
----------------------------
|
|
revision 1.58
|
|
date: 2013/02/27 16:02:23; author: root; state: Exp; lines: +6 -2
|
|
Add temporary experimental A and AAAA records for wwwdb and securedb,
|
|
as part of the migration of CAcert's main webserver to new hardware.
|
|
----------------------------
|
|
revision 1.57
|
|
date: 2012/06/12 15:06:45; author: root; state: Exp; lines: +3 -3
|
|
Update SPF record for lists.cacert.org because it appears that this host is
|
|
now sending mail directly instead of via the cacert.org mail host, as a result
|
|
of the recent Tunix firewall changes.
|
|
----------------------------
|
|
revision 1.56
|
|
date: 2012/06/07 08:56:09; author: root; state: Exp; lines: +3 -2
|
|
Also add IPv6 address for cacert.org itself.
|
|
----------------------------
|
|
revision 1.55
|
|
date: 2012/06/04 09:56:14; author: root; state: Exp; lines: +5 -2
|
|
Add IPv6 addresses for {www,secure,tverify}.cacert.org in preparation for
|
|
World IPv6 Launch on 6 June 2012.
|
|
----------------------------
|
|
revision 1.54
|
|
date: 2012/05/23 09:24:57; author: root; state: Exp; lines: +4 -2
|
|
Add A records for infrastructure.cacert.org and monitor.cacert.org, both
|
|
pointing to 213.154.225.230, per e-mail request from Mario Lipinski on
|
|
May 23, 2012.
|
|
----------------------------
|
|
revision 1.53
|
|
date: 2012/05/21 08:17:26; author: root; state: Exp; lines: +2 -4
|
|
Remove A records for cod.cacert.org and translingo.cacert.org per e-mail
|
|
request from Mario Lipinski on 20.05.2012.
|
|
----------------------------
|
|
revision 1.52
|
|
date: 2012/04/17 07:07:02; author: root; state: Exp; lines: +3 -3
|
|
Reduce SOA expiration timer from 1 week to 2 days, in order to comply with
|
|
a recommendation made in RFC 4641bis: the SOA expiration timer should be
|
|
between 1/4th and 1/3ed of the size of the signature validity period (1 week).
|
|
----------------------------
|
|
revision 1.51
|
|
date: 2012/04/04 15:45:59; author: root; state: Exp; lines: +2 -4
|
|
Drop CNAME records for stamp and timestamp, since this service hasn't been
|
|
supported anymore for years, and has also been removed from the Apache2
|
|
webserver configuration on the CAcert webdb server.
|
|
----------------------------
|
|
revision 1.50
|
|
date: 2012/03/30 09:34:19; author: root; state: Exp; lines: +2 -3
|
|
Remove A record for hashserver service which has been shut down.
|
|
----------------------------
|
|
revision 1.49
|
|
date: 2012/03/29 15:35:37; author: root; state: Exp; lines: +2 -6
|
|
Remove A records for services which have been shut down recently.
|
|
----------------------------
|
|
revision 1.48
|
|
date: 2012/03/27 06:59:08; author: root; state: Exp; lines: +2 -2
|
|
*** empty log message ***
|
|
----------------------------
|
|
revision 1.47
|
|
date: 2012/03/27 06:54:33; author: root; state: Exp; lines: +4 -4
|
|
t=y for DKIM
|
|
----------------------------
|
|
revision 1.46
|
|
date: 2011/12/23 09:32:45; author: root; state: Exp; lines: +2 -3
|
|
Remove A record for research.cacert.org per e-mail request from Piers Lauder.
|
|
----------------------------
|
|
revision 1.45
|
|
date: 2011/09/18 13:55:19; author: root; state: Exp; lines: +4 -2
|
|
Add A record for translations.cacert.org and CNAME record for l10n alias,
|
|
per e-mail from Mario Lipinski on 17.09.2011.
|
|
----------------------------
|
|
revision 1.44
|
|
date: 2011/08/25 09:46:32; author: root; state: Exp; lines: +3 -2
|
|
Add A record for community-vpn per e-mail request from Dominik George on
|
|
24.08.2011.
|
|
----------------------------
|
|
revision 1.43
|
|
date: 2011/07/14 15:30:42; author: root; state: Exp; lines: +3 -2
|
|
Add IPv6 address for ns3 (per e-mail from Mark Overmeer on July 7, 2011).
|
|
----------------------------
|
|
revision 1.42
|
|
date: 2011/07/02 11:16:34; author: root; state: Exp; lines: +3 -2
|
|
Add A record for emailout.cacert.org, attempting to solve e-mail problems
|
|
as requested by Michael Taenzer.
|
|
----------------------------
|
|
revision 1.41
|
|
date: 2011/04/26 07:48:24; author: root; state: Exp; lines: +2 -4
|
|
Drop A records for ldap (per e-mail Mario Lipinski 25.04.2011) and ocsp2
|
|
(was only used during physical migration in June 2010, may be resurrected
|
|
in the future though at some other address).
|
|
----------------------------
|
|
revision 1.40
|
|
date: 2011/04/25 11:50:02; author: root; state: Exp; lines: +3 -3
|
|
Update IPv4 address for cod from .240 to .252 per e-mail from Mario Lipinski
|
|
on 25.04.2011.
|
|
----------------------------
|
|
revision 1.39
|
|
date: 2011/04/13 11:19:00; author: root; state: Exp; lines: +4 -2
|
|
Add cert.svn and nocert.svn as CNAMEs for svn.cacert.org, per e-mail request
|
|
from Jan Dittberner on April 12, 2011.
|
|
----------------------------
|
|
revision 1.38
|
|
date: 2011/01/24 16:13:31; author: root; state: Exp; lines: +2 -4
|
|
Drop dlv TXT RR for validation by dlv.isc.org, because we don't use dlv
|
|
anymore for this zone, its DS record has been uploaded to the registry.
|
|
----------------------------
|
|
revision 1.37
|
|
date: 2010/12/09 13:08:01; author: root; state: Exp; lines: +5 -2
|
|
Add A and AAAA records for ns5.cacert.org (sns-pb.isc.org) and enable
|
|
an NS record for it.
|
|
----------------------------
|
|
revision 1.36
|
|
date: 2010/10/27 14:55:25; author: root; state: Exp; lines: +3 -2
|
|
Enable NS record for ns4.
|
|
----------------------------
|
|
revision 1.35
|
|
date: 2010/10/21 09:55:49; author: root; state: Exp; lines: +4 -2
|
|
Add A and AAAA records for ns4.cacert.org (ns-ext.nlnetlabs.nl).
|
|
----------------------------
|
|
revision 1.34
|
|
date: 2010/10/20 15:48:45; author: root; state: Exp; lines: +2 -4
|
|
Drop dns1.go-now.at. and dns2.go-now.at. from the NS list, since they are
|
|
unable to provide DNSSEC or TSIG service now or in the near future.
|
|
----------------------------
|
|
revision 1.33
|
|
date: 2010/10/15 13:47:05; author: root; state: Exp; lines: +4 -2
|
|
Add dlv TXT RR for validation by dlv.isc.org.
|
|
----------------------------
|
|
revision 1.32
|
|
date: 2010/10/13 09:40:14; author: root; state: Exp; lines: +4 -2
|
|
Add A and AAAA records for wwwmail.cacert.org, to be used as the mailname
|
|
in the postfix configuration of www.cacert.org. To make this fully work,
|
|
we will also request reverse mappings for these A and AAAA addresses
|
|
pointing to wwwmail.cacert.org to be added by BIT.
|
|
----------------------------
|
|
revision 1.31
|
|
date: 2010/10/11 11:19:28; author: root; state: Exp; lines: +3 -4
|
|
Remove obsolete CNAME pastebin pointing to obsoleted druantia.cacert.org.
|
|
Replace CNAME for www.cacert.org by direct A record.
|
|
----------------------------
|
|
revision 1.30
|
|
date: 2010/10/04 15:10:59; author: root; state: Exp; lines: +3 -6
|
|
Drop NS record pointing to dns4.go-now.at. since that machine does not
|
|
provide helpful responses to DNS queries.
|
|
Drop old cruft: records for br.cacert.org and druantia.cacert.org.
|
|
Add IPv6 address for ns2.cacert.org.
|
|
----------------------------
|
|
revision 1.29
|
|
date: 2010/10/03 20:05:15; author: root; state: Exp; lines: +3 -2
|
|
Add A record for board.cacert.org.
|
|
----------------------------
|
|
revision 1.28
|
|
date: 2010/09/15 15:07:39; author: root; state: Exp; lines: +3 -3
|
|
Increase SOA refresh time from 2 hours to 4 hours.
|
|
----------------------------
|
|
revision 1.27
|
|
date: 2010/06/24 21:08:22; author: root; state: Exp; lines: +2 -3
|
|
Remove obsolete A record for *.br.cacert.org.
|
|
----------------------------
|
|
revision 1.26
|
|
date: 2010/06/22 12:49:01; author: root; state: Exp; lines: +3 -4
|
|
Switch ns1 to official CAcert-hosted name server at ns.cacert.org.
|
|
----------------------------
|
|
revision 1.25
|
|
date: 2010/06/21 09:19:27; author: root; state: Exp; lines: +5 -6
|
|
Drop shortened TTLs, migration has finished so we don't need them anymore.
|
|
Drop A record for www2 (only used for migration).
|
|
Add A record for ns.cacert.org, the new master name server for CAcert.
|
|
----------------------------
|
|
revision 1.24
|
|
date: 2010/06/15 16:54:25; author: root; state: Exp; lines: +3 -3
|
|
Fix broken IP address!!!
|
|
----------------------------
|
|
revision 1.23
|
|
date: 2010/06/15 16:17:18; author: root; state: Exp; lines: +5 -5
|
|
Revert to official servers after move to BIT-2B.
|
|
----------------------------
|
|
revision 1.22
|
|
date: 2010/06/15 07:13:00; author: root; state: Exp; lines: +6 -6
|
|
Switch www and ocsp to temporary service.
|
|
Drop special TTL setting for ocsp1 and ocsp2 (not necessary).
|
|
----------------------------
|
|
revision 1.21
|
|
date: 2010/06/11 14:23:56; author: root; state: Exp; lines: +2 -7
|
|
Drop A records for *.way[12345].vhost.cacert.org, since we have no idea
|
|
what they are good for (probably some historic artefact). Main reason for
|
|
doing this now is to check whether our slave servers are picking up the
|
|
notify in time.
|
|
----------------------------
|
|
revision 1.20
|
|
date: 2010/06/04 10:00:19; author: root; state: Exp; lines: +10 -8
|
|
Prepare for dropping dns[124].go-now.at. NS records forever ...
|
|
Add second ocsp record, and explicit name ocsp1 for first (main) ocsp server.
|
|
----------------------------
|
|
revision 1.19
|
|
date: 2010/06/02 10:13:22; author: root; state: Exp; lines: +4 -2
|
|
Add A records for www2 and ocsp2 (backup services at HCC Hobbynet).
|
|
----------------------------
|
|
revision 1.18
|
|
date: 2010/06/01 11:40:33; author: root; state: Exp; lines: +4 -4
|
|
Reduce TTL for A records of cacert.org and ocsp.cacert.org to 5 minutes,
|
|
in anticipation of temporary re-routing during move of BIT server room.
|
|
----------------------------
|
|
revision 1.17
|
|
date: 2010/02/28 10:13:56; author: root; state: Exp; lines: +4 -2
|
|
Add cert.lists.cacert.org and nocert.lists.cacert.org per email request
|
|
from Daniel Black, 20100228.
|
|
----------------------------
|
|
revision 1.16
|
|
date: 2010/01/06 14:36:44; author: root; state: Exp; lines: +4 -2
|
|
Add ns3.cacert.org (mars.overmeer.net).
|
|
----------------------------
|
|
revision 1.15
|
|
date: 2010/01/06 11:06:02; author: root; state: Exp; lines: +6 -3
|
|
Add ns2.cacert.org (newsys.gun.de).
|
|
Document IP numbers of name servers.
|
|
----------------------------
|
|
revision 1.14
|
|
date: 2010/01/05 15:55:21; author: root; state: Exp; lines: +4 -2
|
|
Add A and AAAA RR for ns1.cacert.org (currently housed on ns.deboca.net).
|
|
----------------------------
|
|
revision 1.13
|
|
date: 2009/12/25 15:51:26; author: wytze; state: Exp; lines: +3 -2
|
|
Add ldap.cacert.org A record per e-mail request from Brian Henson.
|
|
----------------------------
|
|
revision 1.12
|
|
date: 2009/10/12 07:56:24; author: wytze; state: Exp; lines: +4 -3
|
|
Rename _ssp._domainkey.lists to _adsp._domainkey.lists and update its
|
|
contents to comply with RFC 5617.
|
|
Add "dkim=unknown" record for _adsp._domainkey.
|
|
Changes requested by Daniel Black, e-mail 12.10.2009 02:19.
|
|
----------------------------
|
|
revision 1.11
|
|
date: 2009/09/17 10:47:04; author: wytze; state: Exp; lines: +3 -3
|
|
Update A record for research per request from Philipp Gühring 16.09.2009.
|
|
----------------------------
|
|
revision 1.10
|
|
date: 2009/09/01 08:02:34; author: wytze; state: Exp; lines: +3 -3
|
|
Renumber paypal from .229 to .250, since .229 appears to be in use as
|
|
the main IP of the mirror firewall.
|
|
----------------------------
|
|
revision 1.9
|
|
date: 2009/08/30 18:16:38; author: wytze; state: Exp; lines: +3 -2
|
|
Add A record for *.forum per request from Christopher Hoth.
|
|
----------------------------
|
|
revision 1.8
|
|
date: 2009/08/29 15:47:50; author: wytze; state: Exp; lines: +2 -2
|
|
Just up the serial number after performin some (failing) tests.
|
|
----------------------------
|
|
revision 1.7
|
|
date: 2009/08/29 15:27:58; author: wytze; state: Exp; lines: +6 -2
|
|
Add four new A records for paypal (.229), cod (.240), test2 (.248) and
|
|
forum (.249).
|
|
----------------------------
|
|
revision 1.6
|
|
date: 2009/08/28 19:07:03; author: wytze; state: Exp; lines: +3 -2
|
|
Add DKIM TXT record for auto._domainkey per request from Daniel Black.
|
|
----------------------------
|
|
revision 1.5
|
|
date: 2009/07/03 10:03:44; author: wytze; state: Exp; lines: +3 -2
|
|
Add new A record for issue.cacert.org per request from Daniel Black.
|
|
----------------------------
|
|
revision 1.4
|
|
date: 2009/06/15 12:24:26; author: wytze; state: Exp; lines: +2 -3
|
|
Remove NS record pointing to dns3.go-now.at. because this one is not
|
|
registered with .ORG, and is also refusing to listen to our notify.
|
|
----------------------------
|
|
revision 1.3
|
|
date: 2009/06/15 12:16:14; author: wytze; state: Exp; lines: +54 -54
|
|
Set default TTL to 12 hours, and remove all explicit TTL settings.
|
|
Adjust some timings in the SOA record.
|
|
This addresses e-mail from Daniel Black on June 14, 2009 and this message:
|
|
https://lists.cacert.org/wws/arc/cacert-support/2009-06/msg00021.html
|
|
----------------------------
|
|
revision 1.2
|
|
date: 2009/06/12 10:18:19; author: wytze; state: Exp; lines: +6 -4
|
|
Perform updates as requested from Georg Markus Kainz on June 5 & 8, 2009.
|
|
----------------------------
|
|
revision 1.1
|
|
date: 2009/06/12 10:11:13; author: wytze; state: Exp;
|
|
Initial revision
|
|
=============================================================================
|