[dns-operations] Hall of DNS Shame (?)

Daniel Stirnimann daniel.stirnimann at switch.ch
Tue Jan 24 15:48:30 UTC 2017

> I've been thinking lately (after seeing all the DNS protocol violations)
> that a collaborative list of all DNS protocol violations in the wild
> might be beneficial to both DNS implementors and also to increase a
> pressure on those operators to fix their issues.
> Perhaps we can have such list at some neutral place like DNS-OARC?

Apart from a list, we need a testing tool and a reference to an RFC
which tells how to fix it.

I actually quite like the EDNS compliance test from isc.org. It does not
cover other DNS protocol violations but it's a start. It would need to
be extended with a public archive of failed tests and then maybe a short
list of failed domains listed in Alexa/OpenDNS.

btw: my current favorite is download.adobe.com which fails with DNS
Cookies (https://ednscomp.isc.org/ednscomp/16a4edd864). No more Adobe
downloads from the Swiss NREN resolvers!


More information about the dns-operations mailing list