A list of (mostly) technical consequences of TLD wildcards
Paul Vixie
vixie at vix.com
Sat Sep 27 15:42:18 UTC 2003
> Makes me wonder why Verisign didn't use a (less harmful?) CNAME wildcard ...
The CNAME algorythm in RFC1034 looks for CNAMEs before it looks for wildcards,
meaning that the target of a CNAME could end up matching a wildcard, but the
CNAME owner itself won't be found using the wildcarding rules. see [4.3.2].
What this means is, there is no such thing as a wildcard CNAME.
--
Paul Vixie
More information about the NANOG
mailing list