-
When checking for DANE it checks the webserver IP for TLSA, but in reality it should check the MX records (mailservers) for TLSA and not the domain.
Is this a bug?
-
> What version of ejabberd are you using?
> How did you install ejabberd (source, package, distribution)?
https://www.process-one.net/downloads/downloads-action.php?file=/ejabberd/17.03/ejabberd-1…
-
meeting link: https://jitsi.fem.tu-ilmenau.de/MailuDevCollab
We just had our first Mailu-Project-Video-Meeting! 🎉🎉🎉🎉🎉
It was great to be able to talk about the project, and @HorayNarea, @ofthesu…
-
NextDNS has the following security features, why the same can't be develop for adguard home?
- DNS Rebinding Protection
- IDN Homograph Attacks Protection
- Typosquatting Protection
- Domain Gen…
-
I am using caddy as a reverse proxy for mailcow, and I am searching for a way to disable private key rotation on renewal of the ssl certificate so that I don't have to update my TLSA records.
Vcele updated
6 months ago
-
According to https://docs.gandi.net/en/domain_names/faq/dns_records.html#what-dns-record-types-does-gandi-s-livedns-support TLSA records are supported but via LiveDNS rest api
Currently it fails wi…
onny updated
8 months ago
-
default._domainkey.example.com
$regexChars = [0 => '/^[a-z0-9\x2d]{1,63}$/i'];
[hostnameInvalidHostnameSchema]: The input appears to be a DNS hostname but cannot match against hostname schema for TL…
-
Some resolvers are now doing aggressive NSEC caching as well as qname minimization. This can easily expose issues where incorrect NSEC records are provided lower label depths.
For example `d.foo.ba…
-
Wildcard records require a non-existence proof either `NSEC` or `NSEC3` to prove no exact match exists which is not included in `AuthenticationChain` created by this library. Standard DNSSEC validator…
-
Verification fails here:
https://github.com/MiniDNS/minidns/blob/master/minidns-dnssec/src/main/java/org/minidns/dnssec/Verifier.java#L45
Where ds.digestType = SHA-384, which seems to be missing…