[193449] in North American Network Operators' Group
Re: DNS CAA records...
daemon@ATHENA.MIT.EDU (Nolan Berry)
Tue Jan 17 19:49:16 2017
X-Original-To: nanog@nanog.org
From: Nolan Berry <nolan.berry@RACKSPACE.COM>
To: Eric Tykwinski <eric-list@truenet.com>, nanog list <nanog@nanog.org>
Date: Wed, 18 Jan 2017 00:12:32 +0000
In-Reply-To: <280728E2-F42B-4058-9120-9C82A5CBA981@truenet.com>
Errors-To: nanog-bounces@nanog.org
So a quick look into this I see one potential real world example:
;; ANSWER SECTION:
google.com. 129 IN A 216.58.218.142
google.com. 74411 IN NS ns4.google.com.
google.com. 74411 IN NS ns1.google.com.
google.com. 74411 IN NS ns2.google.com.
google.com. 74411 IN NS ns3.google.com.
google.com. 3054 IN TXT "v=3Dspf1 include:_spf.google.com ~=
all"
google.com. 64 IN AAAA 2607:f8b0:4000:802::200e
google.com. 54475 IN TYPE257 \# 19 0005697373756573796D616E=
7465632E636F6D
In RFC 6844 section 7.1 it states
"IANA has assigned Resource Record Type 257 for the CAA Resource Record Typ=
e"
and I am seeing:
google.com. 54475 IN TYPE257 \# 19 0005697373756573796D616E=
7465632E636F6D
Nolan Berry
Linux Systems Engineer
DNS Engineering
Rackspace Hosting
________________________________
From: NANOG <nanog-bounces@nanog.org> on behalf of Eric Tykwinski <eric-lis=
t@truenet.com>
Sent: Tuesday, January 17, 2017 6:04:31 PM
To: nanog list
Subject: DNS CAA records...
So I=92ve come across this on Qualys and just wondering if there=92s any pr=
actical examples out there in the wild.
I know some BIND guys are on here, so I=92m sure I=92m missing something fr=
om the RFCs.
Just wanted to test this out on my play domains before putting it out in th=
e wild...
Sincerely,
Eric Tykwinski
TrueNet, Inc.
P: 610-429-8300
