Updated: October 3, 2015
Using HAD Monitor
HAD Monitor is an automated DNSSEC outage finder from NIST. It regularly scans .gov looking for DNSSEC problems.
HAD Monitor is an interesting resource but it should be taken with a big grain of salt. Although DNSSEC is unreliable, HAD Monitor frequently and dramatically overstates the severity of outages.
Observe: "SCIJINKS.GOV is back to normal #DNSSEC operations after 274 days." Wow. 274 days would merit (at the time of this writing!) a spot on the Long DNSSEC Outages section. Only problem is, the outage lasted only a day, practically too short to even notice by DNSSEC standards:
- 2015-10-01 07:27:45 UTC — no DNSSEC outage yet
- 2015-10-01 15:27:10 UTC — algorithm errors
- 2015-10-01 23:27:31 UTC — algorithm errors
- 2015-10-02 04:05:25 UTC — fixed
Note that this type of DNSSEC error results in a DNSSEC outage for users of Unbound, but not BIND. We're certainly not talking about a 274 day outage. I think HAD Monitor has some crazy bugs.
So use it as a basic guide, but there are much better tools and sources of information on DNSSEC outages.