Slack.com DNSSEC on Feb 12th 15:00 UTC

Bjørn Mork bjorn at mork.no
Fri Feb 4 15:54:13 UTC 2022


RFC1912 says

   Wildcard As and CNAMEs are possible too, and are really confusing to
   users, and a potential nightmare if used without thinking first.

You know the nightmare is real.  You've been there.

So why the heck do you insist on keeping that wildcard?  Nobody else use
wildcard A records.  There is no reason.  It's a loaded footgun.

I assume you know which names you are going to serve?


Bjørn


More information about the NANOG mailing list