nanog mailing list archives

Re: Slack.com DNSSEC on Feb 12th 15:00 UTC

From: William Herrin <bill () herrin us>
Date: Fri, 4 Feb 2022 08:17:48 -0800

On Fri, Feb 4, 2022 at 7:55 AM Bjørn Mork <bjorn () mork no> wrote:

So why the heck do you insist on keeping that wildcard?  Nobody else use
wildcard A records.  There is no reason.  It's a loaded footgun.


Okay... I know some of the bad things that can happen with CNAMEs.
What exactly is the problem with wildcard A records and DNSSEC?

Regards,
Bill Herrin


-- 
William Herrin
bill () herrin us
https://bill.herrin.us/

Current thread:

Slack.com DNSSEC on Feb 12th 15:00 UTC Rafael Elvira via NANOG (Feb 04)
- Re: Slack.com DNSSEC on Feb 12th 15:00 UTC Bjørn Mork (Feb 04)
  - Re: Slack.com DNSSEC on Feb 12th 15:00 UTC Christopher Morrow (Feb 04)
    - Re: Slack.com DNSSEC on Feb 12th 15:00 UTC Peter Beckman (Feb 04)
    - Re: Slack.com DNSSEC on Feb 12th 15: 00 UTC John Levine (Feb 04)
    - Simplified BGP peering solution Josh Saul (Feb 07)
    - Re: Simplified BGP peering solution Laura Smith via NANOG (Feb 07)
    - Re: Simplified BGP peering solution Mike Hammett (Feb 07)
    - Re: Simplified BGP peering solution Jon Lewis (Feb 07)
    - RE: Simplified BGP peering solution Adam Thompson (Feb 07)
  - Re: Slack.com DNSSEC on Feb 12th 15:00 UTC William Herrin (Feb 04)
    - Re: Slack.com DNSSEC on Feb 12th 15:00 UTC Shumon Huque (Feb 04)