[dns-operations] a note on fetching the root zone using "dig"
m3047 at m3047.net
Thu Nov 1 19:35:37 UTC 2018
Is there increased potential for homographs to be missed with this
default? I assume Paul's use case is automated, but I'm not sure about an
incident responder looking through dig output at 3AM. On the other hand
somebody scanning for something which is already IDN could find xn--
output more difficult to look at.
The failure here isn't really a default per se, it is a default combined
with installation and also runtime artifacts.
On Wed, 31 Oct 2018, Paul Vixie wrote:
> today i started getting this:
>> [yeti-dns.tisf:amd64] dig @f.root-servers.net . axfr > ~/foo
>> dig: Cannot represent 'ns1.xn--cg4bki.centralnic-dns.com.' in the current
>> locale (string encoding error), use +noidnout or a different locale
More information about the dns-operations