keybase / keybase-issues

A single repo for managing publicly recognized issues with the keybase client, installer, and website.

Prove DNS with a record not at the zone apex #750

Closed mat813 closed 10 years ago

mat813 commented 10 years ago

Hi,

It would be nice if it was possible to have the TXT record on a, say:

_keybase IN TXT "keybase-site-verification=..."

so that the zone apex is not polluted by it.

WebSpider commented 10 years ago

I actually ran into this today as well. If I wanted a keybase DNS proof, I would have to delete my SPF record (https://en.wikipedia.org/wiki/Sender_Policy_Framework) for that zone. Please allow searching for _keybase.my.zone.org IN TXT as well.

maxtaco commented 10 years ago

Seems like a good idea. On Jun 4, 2014 9:09 PM, "Nils" notifications@github.com wrote:

I actually ran into this today as well. If I would want a keybase DNS proof, I would have to delete my SPF record (https://en.wikipedia.org/wiki/Sender_Policy_Framework) for that zone. Please allow searching for _keybase.my.zone.org IN TXT as well.


mat813 commented 10 years ago

@WebSpider You can have multiple TXT records, so, you should not have to remove the SPF one.

boegh commented 10 years ago

@mat813 while you are correct DNS-wise, I ran into an issue of some SPF-verification services ONLY looking at the FIRST returned TXT record. I haven't actually figured out if Keybase does the same thing (I removed mine, contrary to Keybase instructions), but if it doesn't then on e.g. BIND you can use the rrset-option and just make sure that your SPF TXT is first.

maxtaco commented 10 years ago

This feature is now live on the main site and we'll make it live in v0.4.3 of the client. Those with old clients won't be able to verify these proofs until they upgrade.

maxtaco commented 10 years ago

Live in client v0.4.3
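
The lookup discussed in this thread, as an added example that is not Keybase's code and is not taken from the issue: a verifier that checks both the zone apex and the `_keybase` label, and scans every TXT record at each name instead of trusting only the first one returned. The names `find_proof`, `candidate_names`, `sample_lookup` and the zone data are constructed for illustration; the `lookup` callable stands in for a real resolver.

```python
from typing import Callable, Iterable, List, Optional

PREFIX = "keybase-site-verification="  # record prefix quoted in the issue

# A TXT lookup yields zero or more records; each record is a sequence of
# character-strings (at most 255 bytes each) that must be concatenated.
TxtLookup = Callable[[str], Iterable[Iterable[bytes]]]


def candidate_names(domain: str) -> List[str]:
    """Owner names to query: the apex first, then the _keybase label."""
    d = domain.rstrip(".").lower()
    return [d, "_keybase." + d]


def find_proof(domain: str, expected: str, lookup: TxtLookup) -> Optional[str]:
    """Return the owner name holding the proof, or None if it is absent."""
    want = PREFIX + expected
    for name in candidate_names(domain):
        # Answer order is not guaranteed, so every record is examined;
        # an SPF record sorted first must not hide the proof.
        for record in lookup(name):
            text = b"".join(record).decode("ascii", errors="replace")
            # Exact match only: a prefix or substring match would accept
            # a different, longer token.
            if text == want:
                return name
    return None


# Constructed sample zone data (not real records).
SAMPLE_ZONE = {
    "example.org": [[b"v=spf1 mx -all"]],
    "_keybase.example.org": [
        [b"keybase-site-verification=", b"CONSTRUCTED_TOKEN_1"],  # split string
    ],
    "apex.example.net": [
        [b"v=spf1 -all"],  # SPF returned first
        [b"keybase-site-verification=CONSTRUCTED_TOKEN_2"],
    ],
}


def sample_lookup(name: str):
    return SAMPLE_ZONE.get(name, [])


if __name__ == "__main__":
    print(find_proof("example.org", "CONSTRUCTED_TOKEN_1", sample_lookup))
    print(find_proof("apex.example.net", "CONSTRUCTED_TOKEN_2", sample_lookup))
```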