[dns-operations] At least 3 CloudFlare DNS-hosted domains with oddball TLSA lookup ServFail
Vladimír Čunát
vladimir.cunat+ietf at nic.cz
Sun Apr 19 17:45:04 UTC 2020
On 4/19/20 6:49 PM, Viktor Dukhovni wrote:
>>> I believe that's normal for CloudFlare authoritatives, and so far I've
>>> noticed no real problems from that, apart from effects like less
>>> efficient caching. Description:
>>> https://blog.cloudflare.com/black-lies/#dnsshotgun
> It can't be "normal", because the auth servers ServFail when I request
> the promised TLSA RRs.
I only meant that those NSECs are normal (for them), not the ServFails
or timeouts which they most likely have to debug themselves.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.dns-oarc.net/pipermail/dns-operations/attachments/20200419/a9a6aeba/attachment.html>
More information about the dns-operations
mailing list