-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hoi Rick,
No. Either it is case insensitive and folded by the signer already, or the case is important. Starting to tryout which change verifies leads in a very dangerous path. And who knows if SPF strings are not case sensitive and when they will be used in the HINFO type :-) The unbound behaviour for HINFO is to follow the dnssec-updates draft. Best regards, Wouter Rick van Rein wrote: >> Unbound lowercases all text in the rdata of HINFO records before >> verification. Because that is what I believe RFC4034 6.2(3) means. > > Isn't this one of those places where you can be liberal in what you accept? > That is, trying multiple cases (wire format and lowercase, to be precise) > while validating the signature? > > I mean, there's hardly a security concern in the upper/lowercase distinction. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org iEYEARECAAYFAkljaKYACgkQkDLqNwOhpPjBBACcCO74MrPh0+cqQFT6yJ8raiaQ o1sAoIRzgt59qApbSAgciXn43zSyWAcH =AtR6 -----END PGP SIGNATURE----- _______________________________________________ Unbound-users mailing list [email protected] http://unbound.nlnetlabs.nl/mailman/listinfo/unbound-users
