We are planning to publish the slack.com DS record at the ‘.com’ zone on Feb 12th at 7AM PST (15:00 UTC). Our authoritative zone and delegated zones are already signed and have their link of the chain of trust all set. If you see any issues with slack.com in your networks after or on Feb 12th we’d be very grateful if you can contact us.
It was a subtle bug in a particular DNS server implementation (Route53),
where wildcard NODATA responses were being returned with an incorrect
type bitmap in the NSEC record. This caused some DNS resolver
implementations that do aggressive negative caching (with RR type
inference) to fail to lookup some subsequent record types. (That bug is