In message <[email protected]>, Wes Hardaker writes: > Viktor Dukhovni <[email protected]> writes: > > >> _666._tcp.first.example. TLSA 3 1 1 {blob} > >> _666._tcp.first.example. TLSA DANE-TA SPKI SHA2-256 {blob} > >> > >> Something needs to be said for that case; what would an existing > >> implementation do? drop both? take one? Either way, it should be > >> discussed/mentioned. > > > > I'm confused I thought these were just user friendly names... The > > wire format of the DNS TLSA record is surely unchanged. In which > > case it is impossible to publish the second form, it is just an > > input format in documentation (and perhaps source form zone files > > in supporting DNS servers), but not a wire format. > > I did actually mean to respond to that and say such, because I realized > that shortly afterward. Sorry. > > (though the zone file is still affected, I don't know of any software > that does partial reads of zone files and only takes the records it can under > stand)
Any server that does a partial read is not rfc compliant. > -- > Wes Hardaker > Parsons > _______________________________________________ > dane mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/dane -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: [email protected] _______________________________________________ dane mailing list [email protected] https://www.ietf.org/mailman/listinfo/dane
