[dns-operations] Looping wildcard CNAMEs can be an obstacle for DANE, (googledomains.com-hosted example)
John Levine
johnl at taugh.com
Tue Apr 17 17:23:11 UTC 2018
In article <7F061DA2-17C3-4F7D-993D-8FB5C7D156A5 at dukhovni.org> you write:
>Yes, I know. On the list of things to discuss with Wietse, but can we
>rely on all iterative resolvers to do "sufficient" recursion?
Yes. If they don't they are badly broken and the solution is to use
one that is not broken.
In practice, I do not ever remember hearing of a resolver that didn't
handle a finite CNAME chain. This sounds to me like a problem
masquerading as a solution in search of a problem.
--
Regards,
John Levine, johnl at iecc.com, Primary Perpetrator of "The Internet for Dummies",
Please consider the environment before reading this e-mail. https://jl.ly
More information about the dns-operations
mailing list