On Friday, 17 April 2020 22:48:08 UTC Mark Andrews wrote:
> ...
>
> Or we could adopt the well known TSIG approach and defeat
> fragmentation attacks that way. This works for both IPv4 and IPv6.
fragmentation's harms extend well beyond dns integrity vulnerabilities. i
should not have proposed f
On Friday, 17 April 2020 19:48:48 UTC Olafur Gudmundsson wrote:
> > On Jan 22, 2020, at 11:16 PM, Paul Vixie wrote:
> >
> > ...
> >
> > historians please note: we should have put the DS RRset at $child._dnssec.
> > $parent, so that there was no exception to the rule whereby the delegation
> > po
> On 18 Apr 2020, at 08:00, Viktor Dukhovni wrote:
>
> On Fri, Apr 17, 2020 at 01:45:02PM -0700, Brian Dickson wrote:
>
>> Would the method have potentially been to have GLUEA and GLUE
>> records rather than effectively overloading the A/ status
>> (authoritative vs not)?
>>
>> And th
On Fri, Apr 17, 2020 at 01:45:02PM -0700, Brian Dickson wrote:
> Would the method have potentially been to have GLUEA and GLUE
> records rather than effectively overloading the A/ status
> (authoritative vs not)?
>
> And then all of the new types that live only in the parent, could have
>
On Fri, Apr 17, 2020 at 01:19:02PM -0700, Marek Vavruša wrote:
> This should be fixed as of yesterday.
Thanks! Yep, it is working now:
$ hsdig -n 1.1.1.1 -t soa _25._tcp.blue.xy1.nl.
; NoError AD=1
_tcp.blue.xy1.nl. IN DNAME _tcp.xy1.nl.
_25._tcp.blue.xy1.nl. IN CNAME _25._tcp.x
On Fri, Apr 17, 2020 at 12:57 PM Olafur Gudmundsson wrote:
>
>
> On Jan 22, 2020, at 11:16 PM, Paul Vixie wrote:
>
> On Thursday, 23 January 2020 02:51:28 UTC Warren Kumari wrote:
>
> ...
>
> If the parent makes the DS for me from my DNSKEY, well, then the DS
> suddently "feels" like it belongs
This should be fixed as of yesterday.
On Thu, 16 Apr 2020 at 13:19, Viktor Dukhovni wrote:
>
> On Thu, Apr 16, 2020 at 11:47:53AM -0700, Vicky Shrestha wrote:
>
> > The fix is being rolled out to our canary POPs and it should be deployed in
> > rest of the network next week.
>
> Any chance you're
> On Jan 22, 2020, at 11:16 PM, Paul Vixie wrote:
>
> On Thursday, 23 January 2020 02:51:28 UTC Warren Kumari wrote:
>> ...
>>
>> If the parent makes the DS for me from my DNSKEY, well, then the DS
>> suddently "feels" like it belongs more to the parent than the child,
>> but this is starting
On Fri, Apr 17, 2020 at 2:00 AM Mark Andrews wrote:
> Can you please explain why your servers are returning NOTIMP
> for unknown types outside of the range reserved for meta types (128-255)?
>
> The RFC compliant rcode is NOERROR for names that exist and NXDOMAIN for
> names that do not exist. S
Hi Giovane,
I will reach out to you off list.
Manu
On Fri, Apr 17, 2020 at 1:44 AM Giovane C. M. Moura via dns-operations <
dns-operati...@dns-oarc.net> wrote:
>
>
>
> -- Forwarded message --
> From: "Giovane C. M. Moura"
> To: "dns-operati...@dns-oarc.net"
> Cc:
> Bcc:
> Date
On 4/17/20 1:52 AM, Mark Andrews wrote:
> Subject: Re: [dns-operations] Anyone from Google here?
A reminder to OARC Members that they can use the "Contact Directory"
feature of the OARC Member Portal to find DNS Operations contacts at
other Members.
Keith
___
--- Begin Message ---
hello folks,
Is there anyone from Facebook on the list?
(or maybe someone knows someone there)
thanks,
/giovane
--- End Message ---
___
dns-operations mailing list
dns-operations@lists.dns-oarc.net
https://lists.dns-oarc.net/mailm
12 matches
Mail list logo
