Re: [dns-operations] At least 3 CloudFlare DNS-hosted domains with oddball TLSA lookup ServFail

2020-05-27 Thread Mark Andrews
> On 28 May 2020, at 09:21, Andrew Tunnell-Jones via dns-operations > wrote: > > > From: Andrew Tunnell-Jones > Subject: Re: [dns-operations] At least 3 CloudFlare DNS-hosted domains with > oddball TLSA lookup ServFail > Date: 28 May 2020 at 09:21:00 AEST > To: Christian Elmerot > Cc: dns-

Re: [dns-operations] At least 3 CloudFlare DNS-hosted domains with oddball TLSA lookup ServFail

2020-05-27 Thread Andrew Tunnell-Jones via dns-operations
--- Begin Message --- On Thu, May 28, 2020 at 3:18 AM Christian Elmerot wrote: > > > On 26/05/2020 12:00, Viktor Dukhovni wrote: > > On Thu, Apr 23, 2020 at 08:46:02AM -0400, Shumon Huque wrote: > > > >>> Great, thanks. Not yet resolved FWIW: > >>> > >>> http://dnssec-stats.ant.isi.edu/~vikt

Re: [dns-operations] At least 3 CloudFlare DNS-hosted domains with oddball TLSA lookup ServFail

2020-05-27 Thread Viktor Dukhovni
On Wed, May 27, 2020 at 04:35:29PM -0400, Dave Lawrence wrote: > Viktor Dukhovni writes: > > Interesting. I would have expected the RDATA to just be opaque bytes > > when stored, and the server to return whatever it had, e.g.: > > > > _25._tcp.smtp.example.com. IN TLSA #2 0001 > > _25._

Re: [dns-operations] At least 3 CloudFlare DNS-hosted domains with oddball TLSA lookup ServFail

2020-05-27 Thread Dave Lawrence
Viktor Dukhovni writes: > Interesting. I would have expected the RDATA to just be opaque bytes > when stored, and the server to return whatever it had, e.g.: > > _25._tcp.smtp.example.com. IN TLSA #2 0001 > _25._tcp.smtp.example.com. IN RRSIG TLSA ... > > and let the client deal with ma

Re: [dns-operations] At least 3 CloudFlare DNS-hosted domains with oddball TLSA lookup ServFail

2020-05-27 Thread Viktor Dukhovni
On Wed, May 27, 2020 at 05:34:13PM +0100, Christian Elmerot wrote: > > @alla.ns.cloudflare.com.[173.245.58.62] > > ; <<>> DiG 9.16.2 <<>> +noidnout +nosearch +dnssec +noall +cmd > > +comment +qu +ans +auth +nocl +nottl +nosplit +norecur -t tlsa > > _25._tcp.mx01.mx-hosting.ch @173.245.

Re: [dns-operations] At least 3 CloudFlare DNS-hosted domains with oddball TLSA lookup ServFail

2020-05-27 Thread Christian Elmerot
On 26/05/2020 12:00, Viktor Dukhovni wrote: On Thu, Apr 23, 2020 at 08:46:02AM -0400, Shumon Huque wrote: Great, thanks. Not yet resolved FWIW: http://dnssec-stats.ant.isi.edu/~viktor/dnsviz/cloudflare.com.html I didn't see the reason for the SERVFAIL in the dnsviz output. So I ran my