Normally, all of the Comcast 75.75.x.x and 68.87.x.x servers shown in the GRC test above return a good DNSSEC response, but at this time only the 126.96.36.199 and 188.8.131.52 servers appear to be working correctly.
Summary: Basic DNS resolution from the Comcast servers seems to be working OK, but there appears to be a problem with DNSSEC compliance. FWIW, this was not causing the problem I was troubleshooting (that was a fat finger error I made in my local DNS server), but it did surprise me since normally I pass the DNSSEC tests.--
We can never have enough of nature.
We need to witness our own limits transgressed, and some life pasturing freely where we never wander.