[dns-operations] NS1 updating codepoint for NXNAME
Viktor Dukhovni
ietf-dane at dukhovni.org
Mon Sep 9 16:37:26 UTC 2024
On Mon, Sep 09, 2024 at 10:50:14AM -0400, Shumon Huque wrote:
> > Dear colleagues,
> >
> > NS1 will be rolling out an update for Compact Denial of Existence in
> > DNSSEC (draft-ietf-dnsop-compact-denial-of-existence) which will
> > change the codepoint for the NXNAME meta record.
> >
> > The new implementation will use 128 allocated by IANA replacing the
> > private value 65283.
> >
> > We are currently planning to deploy the change in the following weeks.
> >
>
> Thank you for the notice Jan.
>
> I want to note that Cloudflare has also (recently) moved to TYPE 128
> for NXNAME.
Indeed confirmed live deployment for Cloudflare, and not quite yet for
NS1:
; NOERROR qr aa do
nxname.cloudflare.net. IN MX ?
cloudflare.net. IN SOA ns1.cloudflare.net. dns.cloudflare.com 2351095517 10000 2400 604800 1800
cloudflare.net. IN RRSIG SOA 13 2 1800 20240910164602 20240908144602 34505 cloudflare.net. [omitted]
nxname.cloudflare.net. IN NSEC \000.nxname.cloudflare.net. RRSIG NSEC NXNAME
nxname.cloudflare.net. IN RRSIG NSEC 13 3 1800 20240910164602 20240908144602 34505 cloudflare.net. [omitted]
; NOERROR qr aa do
nxname.ns1.com. IN MX ?
ns1.com. IN SOA dns1.p01.nsone.net. hostmaster.nsone.net 1666131216 43200 7200 1209600 3600
ns1.com. IN RRSIG SOA 13 2 3600 20240910154930 20240908154930 12196 ns1.com. [omitted]
nxname.ns1.com. IN NSEC \000.nxname.ns1.com. RRSIG NSEC TYPE65283
nxname.ns1.com. IN RRSIG NSEC 13 3 3600 20240910154930 20240908154930 12196 ns1.com. [omitted]
--
Viktor.
More information about the dns-operations
mailing list