[dns-operations] Looping wildcard CNAMEs can be an obstacle for DANE, (googledomains.com-hosted example)
John R Levine
johnl at taugh.com
Mon Apr 16 17:03:44 UTC 2018
>> It's certainly broken but I don't see anything particularly intersting
>> about it.
>
> you don't understand the goal. i figure that, if viktor is getting a
> nickel for every dns ops problem he finds, he is gonna be a very rich
> man. :)
>
> features, complexity, mops, ...; we're making a mess. if we could
> measure breakage, i suspect db/dt would be worrisome.
I suppose, but this also seems to me to be a matter of code discipline.
CNAME loops can happen any time you do a DNS lookup, so you shouldn't have
to code specially for them every time you add a new application.
Regards,
John Levine, johnl at taugh.com, Taughannock Networks, Trumansburg NY
Please consider the environment before reading this e-mail. https://jl.ly
More information about the dns-operations
mailing list