[dns-operations] coop. provides broken NSEC3 proofs of non-existence
Alarig Le Lay
alarig at swordarmor.fr
Mon Oct 23 13:15:05 UTC 2017
Hi,
On lun. 23 oct. 11:08:56 2017, Vladimír Čunát wrote:
> I believe the answers provided over IPv4 are valid but those over IPv6
> are not. I might be wrong, but I'm fairly confident about it now.
> Details of my reasoning:
> https://gitlab.labs.nic.cz/knot/knot-resolver/issues/261#note_58800
It seems that you’re right, I tested ouvaton.coop from three locations,
and at each time I can’t resolve ns{1,2,3}.ouvaton.coop over IPv6, but
can over IPv4.
https://paste.swordarmor.fr/raw/tyaP
--
alarig
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: not available
URL: <https://lists.dns-oarc.net/pipermail/dns-operations/attachments/20171023/0ffdad9b/attachment.sig>
More information about the dns-operations
mailing list