[DNSOP] Working Group Last Call for draft-ietf-dnsop-rfc8624-bis draft-ietf-dnsop-must-not-ecc-gost draft-ietf-dnsop-must-not-sha1

2025-01-06 Thread Tim Wicinski
All, Welcome back from holidays, those who have returned. Discussions with the working group and authors and we feel these documents are ready to move forward. The two deprecation documents are short. The focus of 8624-bis is to move the canonical list of DNSSEC algorithms to an IANA registry. Th

[DNSOP] Re: Flag for Wildcard Responses

2025-01-06 Thread Edward Lewis
On Jan 6, 2025, at 17:06, Shane Kerr wrote: > > Alex, > > On 06/01/2025 22.02, Brotman, Alex wrote: >> Looking at something relating to the day job, and I'm curious if there's any >> method declared in the IETF world where the query side of the interaction >> can understand that the response w

[DNSOP] Re: Flag for Wildcard Responses

2025-01-06 Thread Shane Kerr
Alex, On 06/01/2025 22.02, Brotman, Alex wrote: Looking at something relating to the day job, and I'm curious if there's any method declared in the IETF world where the query side of the interaction can understand that the response was fulfilled by a wildcard record. I've asked a few folks,

[DNSOP] Re: Flag for Wildcard Responses

2025-01-06 Thread Brotman, Alex
These are zones I do not control. I assume the recursive I'm using (which does support DNSSEC) is of no help here. I'd be happier if everyone would sign, for a bunch of reasons. I'm sure many would be. -- Alex Brotman Sr. Engineer, Anti-Abuse & Messaging Policy Comcast > -Original Mes

[DNSOP] Re: Flag for Wildcard Responses

2025-01-06 Thread Mark Andrews
Sign the zone. Wildcard responses are visible in the DNSSEC records. The RRSIG label count is different and there will be NSEC/NSEC3 records that show whether the wild card response is valid or not. -- Mark Andrews > On 7 Jan 2025, at 08:04, Brotman, Alex > wrote: > > Looking at something

[DNSOP] Re: Flag for Wildcard Responses

2025-01-06 Thread Ben Schwartz
DNSSEC* makes this clear. Otherwise, I don't believe it is revealed. --Ben Schwartz *When using classic offline signing. From: Brotman, Alex Sent: Monday, January 6, 2025 4:02 PM To: dnsop@ietf.org Subject: [DNSOP] Flag for Wildcard Responses Looking at someth

[DNSOP] I-D Action: draft-ietf-dnsop-rfc8624-bis-03.txt

2025-01-06 Thread internet-drafts
Internet-Draft draft-ietf-dnsop-rfc8624-bis-03.txt is now available. It is a work item of the Domain Name System Operations (DNSOP) WG of the IETF. Title: DNSSEC Cryptographic Algorithm Recommendation Update Process Authors: Wes Hardaker Warren Kumari Name:draft-ietf-dns

[DNSOP] Flag for Wildcard Responses

2025-01-06 Thread Brotman, Alex
Looking at something relating to the day job, and I'm curious if there's any method declared in the IETF world where the query side of the interaction can understand that the response was fulfilled by a wildcard record. I've asked a few folks, and I haven't gotten anything that suggests as thou

[DNSOP] Re: Genart last call review of draft-ietf-dnsop-compact-denial-of-existence-05

2025-01-06 Thread Shumon Huque
On Mon, Jan 6, 2025 at 9:19 AM Stephane Bortzmeyer wrote: > On Thu, Jan 02, 2025 at 09:55:15AM -0500, > Shumon Huque wrote > a message of 211 lines which said: > > > In my view, this is not an erratum, which would imply there was an > > error in RFC4035. That RFC was focussed on the originally

[DNSOP] Feedback from implementers about new EDE (Was: I-D Action: draft-bortzmeyer-more-edes-02.txt

2025-01-06 Thread Stephane Bortzmeyer
On Mon, Jan 06, 2025 at 06:10:38AM -0800, internet-dra...@ietf.org wrote a message of 19 lines which said: > Internet-Draft draft-bortzmeyer-more-edes-02.txt is now available. > >Title: Addition of Extended DNS Errors codes Happy New Year and this new version includes the issues on var

[DNSOP] Re: Genart last call review of draft-ietf-dnsop-compact-denial-of-existence-05

2025-01-06 Thread Stephane Bortzmeyer
On Thu, Jan 02, 2025 at 09:55:15AM -0500, Shumon Huque wrote a message of 211 lines which said: > In my view, this is not an erratum, which would imply there was an > error in RFC4035. That RFC was focussed on the originally envisioned > mode of DNSSEC, using pre-computed signatures, and did n