Alex van den Bogaerdt [alex(_at_)ergens(_dot_)op(_dot_)het(_dot_)net] wrote:
On Fri, Jan 14, 2005 at 08:53:19PM +0100, Julian Mehnle wrote:
Now, what exactly is the supposed difference between the classic *
and the proposed **/*! again? That the former only applies to
non-existent domains, while the latter also applies to domains that
already have some RR defined for them? Or is there another
The new wildcard applies if the RR does not exist; whether this
is because the domain does not exist or because the node does not
contain the specified RR.
On a related question:
What if **.zonecut.example.org does exist, with an SPF record,
and xyz.abc.zonecut.example.org does exist, with an TXT record (v=spf1)
Should we use the SPF record, or the TXT record ?
I'd say, _if_ the SPF client supports the SPF RR type, it should perform a
full search for SPF-type records first, then fall back to TXT. This is
suboptimal during the TXT->SPF transition, but optimal in the long term.
(Damn, why doesn't DNS support multiple queries in one packet?)