shuque> The UltraDNS implementation doesn't use the more precise white
shuque> lies epsilon function defined in the spec, but it is probably
shuque> good enough for all practical purposes.
shuque> And it's much closer to white lies than "black" lies, because it
shuque> preserves the correct
On Fri, Jan 27, 2023 at 11:16 AM Paul Ebersman <
list-dns-operati...@dragon.net> wrote:
> shuque> UltraDNS (Neustar Security Services) is known to use NSEC White
> shuque> Lies. I have a test zone there,
>
> shuque> which you can examine: "[[ultratest.huque.com]]".
>
> My recollection is that the
shuque> UltraDNS (Neustar Security Services) is known to use NSEC White
shuque> Lies. I have a test zone there,
shuque> which you can examine: "[[ultratest.huque.com]]".
My recollection is that the NSS implementation is really grey lies,
i.e. not quite RFC white lies but not fully black like
On Fri, Jan 27, 2023 at 3:39 AM Stephane Bortzmeyer
wrote:
> On Fri, Jan 27, 2023 at 12:19:18AM -0500,
> Viktor Dukhovni wrote
> a message of 30 lines which said:
>
> > Three sample zones:
>
> They all seem to use black lies, not white lies.
>
I took a quick look:
* herokudns.com is
On Fri, Jan 27, 2023 at 12:19:18AM -0500,
Viktor Dukhovni wrote
a message of 30 lines which said:
> Three sample zones:
They all seem to use black lies, not white lies.
___
dns-operations mailing list
dns-operations@lists.dns-oarc.net
On Thu, Jan 26, 2023 at 08:33:21PM +0100, Stephane Bortzmeyer wrote:
> I'm looking for zones in the wild that are signed using the technique
> of white lies (RFC 4470).
>
> [Not the black lies used by Cloudflare.]
Three sample zones:
herokudns.com. IN SOA dns1.p05.nsone.net.
I'm looking for zones in the wild that are signed using the technique
of white lies (RFC 4470).
[Not the black lies used by Cloudflare.]
Do you know some?
___
dns-operations mailing list
dns-operations@lists.dns-oarc.net