[dns-operations] CNAME at the apex breaks DNSSEC DS lookups from caches

Paul Vixie paul at redbarn.org
Sun Apr 17 02:57:58 UTC 2022

Evan Hunt wrote on 2022-04-17 02:58:
> ...
> I was the original author of the ANAME draft, and I thought it was a
> terrible idea, and said so at the time. The only reason I wrote it was that
> I believed browser vendors would remain unwilling to adopt a more sensible
> alternative, and as soon as my pessimism turned out to be unfounded, I was
> quite happy to drop the proposal.

the browsers are doing something that makes more sense to them.


P Vixie

More information about the dns-operations mailing list