> On Nov 16, 2019, at 9:41 AM, John Levine <jo...@taugh.com> wrote:
>
> Remember that it's invalid for an NS or MX to point to a CNAME so I assume
> it's equally invalid for them to point to a DNAME.
There's no need for NS RRs pointing the non-canonical names, the DNAMEs
are there for continuity (or to support alternative representations) of
actual application services. That's not a real barrier to DNAME use.
And speaking of application services, the prohibition of MX pointing to
CNAME is not enforced by any MTA I'm aware, and a small, but non-negligible
fraction of domains do have MX RRs that point to CNAMEs.
In my DANE survey, out of of 8503 MX hosts, 130 (1.5%) are CNAME aliases.
None presently via DNAMEs, but Tony Finch has a DNAME redirecting TLSA
lookups:
_tcp.hummus.csx.cam.ac.uk. IN DNAME _hummus_tcp.exim.org.
and three other domains also have DNAME-redirected _tcp subtrees.
--
Viktor.
_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop
