Hide Forgot
The domain "fedoraproject.org" is DNSSEC signed; however, the key is only in DLV and not in .org. Currently: Domain shows up as "orange" with Firefox's DNSSEC AddOn as it is signed but there is no trust chain from ".". Expected: The DNSSEC key is also included as DS in .org. See http://dnsviz.net/d/fedoraproject.org/dnssec/ As the domain is already signed and the key is in DLV, it should be straight forward to include it also there. Side remark: As .com domains can be now also signed, you could consider also DNSSEC signing bugzilla.redhat.com (cf. http://dnsviz.net/d/bugzilla.redhat.com/dnssec/ )
Thanks for your report, please allow me to direct you to where to pursue the matter. For fedoraproject.org DNS, you would normally either email webmaster or file a ticket in the Fedora Infrastructure team's Trac instance: https://fedorahosted.org/fedora-websites/ The Fedora teams do not work with the domain admins for redhat.com. You can reach them at domainadmin. Regarding DNSSEC, I asked about this ticket on IRC (#fedora-websites or #fedora-admin on irc.freenode.net), and was informed that one of the team is already working on DNSSEC but may be waiting for our registrar to support DNSSEC. If you want to learn more or think you can help further, please use the Fedora Infrastructure team contact information from above.