[Unbound-users] [Q] HINFO in signed zone results SERVFAIL, but NOERROR with BIND
wouter at NLnetLabs.nl
Wed Jan 7 07:02:09 UTC 2009
-----BEGIN PGP SIGNED MESSAGE-----
Florian Weimer wrote:
> * W. C. A. Wijngaards:
>> This is an interpretation problem in RFC4034 6.2(3).
>> A workaround is to give your HINFO in lowercase:
>> HINFO "vmware" "freebsd"
>> Unbound lowercases all text in the rdata of HINFO records before
>> verification. Because that is what I believe RFC4034 6.2(3) means.
> The two strings aren't DNS names (<domain-name>s), so they shouldn't
> be lower-cased. I don't know why RFC 4034 specifies HINFO, it seems a
Yes, I have been convinced of that too. So, unbound no longer downcases
the HINFO rdata.
> How do you handle NAPTR? As far as I understand RFC 4034, you should
> downcase the replacement only.
Yes, one domain name field gets lowercased, the rest is not lowercased.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org
-----END PGP SIGNATURE-----
More information about the Unbound-users