Different link for NSEC3 as nsec3.org is down

diff --git a/input/dsablog/2010/02/Securing_the_Debian_zones.mdwn b/input/dsablog/2010/02/Securing_the_Debian_zones.mdwn
index 5ebffa5..9cd3524 100644 (file)
--- a/input/dsablog/2010/02/Securing_the_Debian_zones.mdwn
+++ b/input/dsablog/2010/02/Securing_the_Debian_zones.mdwn
@@ -28,7 +28,7 @@ DNS infrastructure
 <code>www</code>)
 will follow at a later date.
 
 <code>www</code>)
 will follow at a later date.
 

-We are using bind 9.6 for [NSEC3](http://www.nsec3.org/) support and
+We are using bind 9.6 for [NSEC3](http://tools.ietf.org/html/rfc5155) support and

 [our](http://git.debian.org/?p=mirror/Net-DNS-SEC-Maint-Key.git)
 [fork](http://git.debian.org/?p=mirror/Net-DNS-SEC-Maint-Zone.git)
 of RIPE's
 [our](http://git.debian.org/?p=mirror/Net-DNS-SEC-Maint-Key.git)
 [fork](http://git.debian.org/?p=mirror/Net-DNS-SEC-Maint-Zone.git)
 of RIPE's


@@ -42,7 +42,7 @@ We will use NSEC3RSASHA1 with key sizes of 1536 bits for the KSK and
 1152 bits for the ZSK.  Signature validity period will most likely be
 four weeks, with a one week signature publication period
 (cf. [RFC4641: DNSSEC Operational
 1152 bits for the ZSK.  Signature validity period will most likely be
 four weeks, with a one week signature publication period
 (cf. [RFC4641: DNSSEC Operational

-Practices](http://www.ietf.org/rfc/rfc4641.txt)).
+Practices](http://tools.ietf.org/html/rfc4641)).

 
 Zone keys rollovers will happen regularly and will not be announced in
 any specific way.  Key signing key rollovers will probably be announced
 
 Zone keys rollovers will happen regularly and will not be announced in
 any specific way.  Key signing key rollovers will probably be announced