On Thu, Jun 10, 2021 at 04:26:44PM -0700, Shivan Kaul Sahib <[email protected]> wrote a message of 164 lines which said:
> Hi all, Shumon and I have been working on an early draft that > surveys current DNS domain verification techniques. Depending on how > it goes, we hope to eventually explore if we can come up with some > best practices. Section 4.1: you do not mention a recommended name for the subdomain. Should we suggest a name starting with an underscore, to limit the risk of collisions and to emphasize it is not a host name? (On the other hand, some users may have a limited DNS provisioning interface, which enforces a LDH restriction.) Section 5: should we also add that, specially if the zone is not signed, multi-vantage-point checking is recommended (Let's Encrypt already does it)? _______________________________________________ DNSOP mailing list [email protected] https://www.ietf.org/mailman/listinfo/dnsop
