subject:"\[DNSOP\] Order of DNS records..."

Re: [DNSOP] Order of DNS records...

2016-01-12 Thread Brett

On 11 January 2016 at 21:20, Stephane Bortzmeyer wrote: > Interesting: it sends the signature before the SOA (and it breaks at > least one DNS program - one of mine, shame): > > % dig @ns02.one.com. SOA masters-consultants.fr. > > ; <<>> DiG 9.9.5-9+deb8u3-Debian <<>>

Re: [DNSOP] Order of DNS records...

2016-01-12 Thread Stephane Bortzmeyer

On Tue, Jan 12, 2016 at 02:43:46PM +, Dick Franks wrote a message of 176 lines which said: > returned RRSIG first for 44% of my statistically dubious sample. It is said that PowerDNS does it at random, on purpose, to break erroneous programs.

Re: [DNSOP] Order of DNS records...

2016-01-12 Thread Dick Franks

Attempt to repeat your result using #!/usr/bin/perl -w # use Net::DNS 1.01; my $resolver = new Net::DNS::Resolver( nameserver => 'ns02.one.com.', dnssec => 1 ); $resolver->send(qw( masters-consultants.fr SOA ))->print; # returned RRSIG first for 44% of my statistically dubious sample.

Re: [DNSOP] Order of DNS records...

2016-01-12 Thread bert hubert

On Tue, Jan 12, 2016 at 03:47:16PM +0100, Stephane Bortzmeyer wrote: > > returned RRSIG first for 44% of my statistically dubious sample. > > It is said that PowerDNS does it at random, on purpose, to break > erroneous programs. Let me clarify that. PowerDNS Authoritative has always randomized