ietf-dkim

Re: [ietf-dkim] Re: DNS wildcarding behavior scenarios

2007-06-18 13:41:26

On Jun 18, 2007, at 11:16 AM, Frank Ellermann wrote:

Hector Santos wrote:

Seems pretty clear in STD 13.
What am I missing here?

Nothing, it's only not obvious, and Michael just stumbled over it:

Queries for this.is.a.wild.example won't "see" the wild.example if it's "blocked" by an "existing" a.wild.example, where "existing" means "any RR".

He'd have to "reinsert" the blocked wildcard at is.a.wild.example.

Both wildcard and non-wildcard records need to be placed at _every_ valid node existing within the zone.

Deprecating the use of A records for discovery extends RFC 1123's exclusions of CNAMEs that are problematic with wildcards.

Deprecating the use of A records even eliminates a need for wildcards.

As DNSSEC is deployed, wildcard abuse must be carefully considered.

-Doug

_______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
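
The blocking behaviour discussed in this thread, as an added example that is not part of the original messages: a minimal model of the closest-encloser wildcard lookup from STD 13 (RFC 1034 section 4.3.3, as clarified by RFC 4592). The zone contents and function names are constructed for illustration, and "reinserting" the wildcard at is.a.wild.example is read here as adding the owner `*.is.a.wild.example`, which is an assumption.

```python
# Wildcard lookup per RFC 1034 section 4.3.3 as clarified by RFC 4592.
# Zone data and helper names are constructed for this example.

def labels(name):
    return name.lower().rstrip(".").split(".")

def existing_nodes(owners):
    """Every owner name plus all of its ancestors: an empty non-terminal
    (a name with no RRs but with descendants) still exists in the tree."""
    nodes = set()
    for owner in owners:
        parts = labels(owner)
        for i in range(len(parts)):
            nodes.add(".".join(parts[i:]))
    return nodes

def lookup(zone, owners, qname):
    """Return (result, name). RR types are ignored on purpose: a node
    carrying *any* RR is enough to block a wildcard higher up."""
    zone = ".".join(labels(zone))
    owners = {".".join(labels(o)) for o in owners}
    q = ".".join(labels(qname))
    if q != zone and not q.endswith("." + zone):
        return ("out-of-zone", None)
    nodes = existing_nodes(owners | {zone})
    if q in nodes:
        # Existing name: answered directly, never from a wildcard.
        return ("exact", q) if q in owners else ("nodata", q)
    # Closest encloser: the longest existing ancestor of the query name.
    parts = q.split(".")
    for i in range(1, len(parts)):
        encloser = ".".join(parts[i:])
        if encloser in nodes:
            break
    # Only a wildcard directly below the closest encloser may be used.
    source = "*." + encloser
    if source in owners:
        return ("wildcard", source)
    return ("nxdomain", encloser)

ZONE = "wild.example"
OWNERS = {"*.wild.example", "a.wild.example"}   # constructed sample zone
FIXED = OWNERS | {"*.is.a.wild.example"}        # wildcard reinserted lower down

if __name__ == "__main__":
    for name in ("b.wild.example", "this.is.a.wild.example"):
        print(name, lookup(ZONE, OWNERS, name), lookup(ZONE, FIXED, name))
```

With the reinserted wildcard, is.a.wild.example itself becomes an empty non-terminal, so a query for that exact name returns no data rather than a wildcard answer.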