Re: [DNSOP] Dname and its synthesized cname

Dear Mark, thanks for your kind reply. in RFC 2672, "The synthesized CNAME RR, if provided, MUST have The same CLASS as the QCLASS of the query, TTL equal to zero," In RFC6672 "A CNAME RR with Time to Live (TTL) equal to the corresponding DNAME RR is synthesized and

Re: [DNSOP] Heads-up - draft about "letting localhost be localhost" in SUNSET4 that really should be in DNSOP

In message

Re: [DNSOP] Heads-up - draft about "letting localhost be localhost" in SUNSET4 that really should be in DNSOP

The point is that the current policy for the root precludes an unsecure delegation. On Sun, Nov 20, 2016 at 9:20 PM, Mark Andrews wrote: > > In message > , Ted > Lemon writes: >> Which do you want? TLSA, or

Re: [DNSOP] Heads-up - draft about "letting localhost be localhost" in SUNSET4 that really should be in DNSOP

In message , Ted Lemon writes: > Which do you want? TLSA, or delegation? You can't have both. >From a technical perspective a insecure delegation for .localhost back to the root servers to break the DNSSEC chain of trust.