Re: Slack.com DNSSEC on Feb 12th 15: 00 UTC

It appears that Peter Beckman said: >Agreed! Slack should probably move away from the custom domain model, and >go with slack.com/w/bjornbjorn moving forward. Their problem was poorly debugged software. I don't see any reason that web software is necessarily any better debugged than DNS

Re: Slack.com DNSSEC on Feb 12th 15:00 UTC

On Fri, Feb 4, 2022 at 11:18 AM William Herrin wrote: > On Fri, Feb 4, 2022 at 7:55 AM Bjørn Mork wrote: > > So why the heck do you insist on keeping that wildcard? Nobody else use > > wildcard A records. There is no reason. It's a loaded footgun. > > Okay... I know some of the bad things

Re: Slack.com DNSSEC on Feb 12th 15:00 UTC

Agreed! Slack should probably move away from the custom domain model, and go with slack.com/w/bjornbjorn moving forward. On Fri, 4 Feb 2022, Christopher Morrow wrote: On Fri, Feb 4, 2022 at 10:54 AM Bjørn Mork wrote: I assume you know which names you are going to serve? how would they

Re: Slack.com DNSSEC on Feb 12th 15:00 UTC

On Fri, Feb 4, 2022 at 7:55 AM Bjørn Mork wrote: > So why the heck do you insist on keeping that wildcard? Nobody else use > wildcard A records. There is no reason. It's a loaded footgun. Okay... I know some of the bad things that can happen with CNAMEs. What exactly is the problem with

Re: Slack.com DNSSEC on Feb 12th 15:00 UTC

On Fri, Feb 4, 2022 at 10:54 AM Bjørn Mork wrote: > > I assume you know which names you are going to serve? > > how would they be able to serve: footgun.slack.com bjornbjorn.slack.com ilovecorn.slack.com so immediately without that wildcard though? :)

Re: Slack.com DNSSEC on Feb 12th 15:00 UTC

RFC1912 says Wildcard As and CNAMEs are possible too, and are really confusing to users, and a potential nightmare if used without thinking first. You know the nightmare is real. You've been there. So why the heck do you insist on keeping that wildcard? Nobody else use wildcard A

RE: slack.com

Friday is always a good day to do such change. :D -Original Message- From: NANOG On Behalf Of Mark Tinka Sent: October 2, 2021 2:17 AM To: Bill Woodcock Cc: nanog@nanog.org Subject: Re: slack.com On 10/2/21 08:14, Bill Woodcock wrote: > We did not use an NTA, but we did flush

Re: slack.com

On 10/2/21 08:14, Bill Woodcock wrote: We did not use an NTA, but we did flush our cache immediately once Slack had fixed their problem.  I think that’s the right balance of carrot and stick. Tend to agree with this approach. But I can see how an issue like this could be potentially

Re: slack.com

We did not use an NTA, but we did flush our cache immediately once Slack had fixed their problem. I think that’s the right balance of carrot and stick. -Bill > On Oct 2, 2021, at 7:30 AM, Mark Tinka wrote: > >  So, that wasn't fun, yesterday: > > >