[dns-operations] Emoji "Female" symbol fails to resolve at Google's &

Jim Reid jim at rfc1035.com
Tue Jul 11 18:44:05 UTC 2017

> On 11 Jul 2017, at 18:11, Phillip Hallam-Baker <phill at hallambaker.com> wrote:
> ​It might be as you intend but you are violating the protocol and your resolver is causing systems to break.

In a word, bollocks.

The domain in question fails to validate because it has no DNSKEY records which match the DS record for that domain in its parent. Returing a SERVFAIL in these circumstances is emphatically not a protocol violation. As a matter of fact, it’s a protocol *requirement* to do just that.

Now google’s resolving servers might well be causing “systems to break” because they’re doing The Right Thing. That’s not google’s fault. It’s not their problem either. Bad things happen when people misconfigure their DNS servers/data or fail to look after them properly. As the holder of xn--e5h.com has done.

More information about the dns-operations mailing list