Re: [Pdns-users] Rcode 3 NXDOMAIN for existing CNAME

Hi Peter Thomassen, Since this is the background of the DNS query I find your suggestion a valid solution for the problem that lego could implement. I agree! Thanks for clearing this up, I was on the wrong track about what the goal of that query was. I looked at the pcap again - the one

Re: [Pdns-users] Rcode 3 NXDOMAIN for existing CNAME

On 3/25/23 14:04, Christoph wrote: My understanding is that ACME is about whether there is a TXT RRset with the challenge record; if it is not there, it's irrelevant whether the outcome is NXDOMAIN or NODATA/NOERROR. OK, now I understand where the misunderstanding comes from. Thanks for

Re: [Pdns-users] Rcode 3 NXDOMAIN for existing CNAME

 >> However, I doubt this is a reasonable approach for your ACME  >> client. Sounds like a simple enough solution to me, can you elaborate why you doubt it is reasonable? My understanding is that ACME is about whether there is a TXT RRset with the challenge record; if it is not there, it's

Re: [Pdns-users] Rcode 3 NXDOMAIN for existing CNAME

On 3/25/23 11:44, Christoph wrote: >> However, I doubt this is a reasonable approach for your ACME >> client. Sounds like a simple enough solution to me, can you elaborate why you doubt it is reasonable? My understanding is that ACME is about whether there is a TXT RRset with the

Re: [Pdns-users] Rcode 3 NXDOMAIN for existing CNAME

On Tue, 2023-03-21 at 16:57 +0100, Peter Thomassen via Pdns-users wrote: > Well, if you ask for the xNAME (e.g. CNAME) record, then you'll get that > (with a NOERROR code). So by issuing an xNAME query in addition to the record > type you're interested in, you can learn whether the NXDOMAIN is

Re: [Pdns-users] Rcode 3 NXDOMAIN for existing CNAME

On 3/13/23 11:41, Chris Hofstaedtler | Deduktiva via Pdns-users wrote: * Christoph [230312 19:52]: When there is an xNAME chain, the RCODE field is set as follows: When an xNAME chain is followed, all but the last query cycle necessarily had no error. The RCODE in the

Re: [Pdns-users] Rcode 3 NXDOMAIN for existing CNAME

* Christoph [230312 19:52]: > >When there is an xNAME chain, the RCODE field is set as follows: > > > > When an xNAME chain is followed, all but the last query cycle > > necessarily had no error. The RCODE in the ultimate DNS response > > MUST BE set based on the final

Re: [Pdns-users] Rcode 3 NXDOMAIN for existing CNAME

* Christoph via Pdns-users [230309 18:42]: > Hi, > [cname chain where target name does not exist] > > Does this behavior meet RFC standards? (so lego is wrong?) > Can the behavior be changed by a configuration setting? RFC 6604 spells out the behaviour quite explicitly: