[dns-operations] NS1 updating codepoint for NXNAME
Paul Vixie
paul at redbarn.org
Mon Sep 9 17:34:40 UTC 2024
on behalf of the security community let me thank each and every one who has
specified, implemented, and deployed NXNAME. my original worry was that the
difference between rcode=3 and ancount=0 might not matter to a web browser but
it absolutely does matter to security analysts. thanks for bridging the gap.
--
P Vixie
On Monday, September 9, 2024 7:50:14 AM PDT Shumon Huque wrote:
> On Mon, Sep 9, 2024 at 2:55 AM Jan Včelák <jv at fcelda.cz> wrote:
> > Dear colleagues,
> >
> > NS1 will be rolling out an update for Compact Denial of Existence in
> > DNSSEC (draft-ietf-dnsop-compact-denial-of-existence) which will
> > change the codepoint for the NXNAME meta record.
> >
> > The new implementation will use 128 allocated by IANA replacing the
> > private value 65283.
> >
> > We are currently planning to deploy the change in the following weeks.
>
> Thank you for the notice Jan.
>
> I want to note that Cloudflare has also (recently) moved to TYPE 128 for
> NXNAME.
>
> Shumon Huque
More information about the dns-operations
mailing list