[cabfpub] CAA records on google.com

Gervase Markham gerv at mozilla.org
Thu Jun 27 20:41:26 UTC 2013


On 19/06/13 13:10, Adam Langley wrote:
> google.com is now serving two CAA[1] records:
> 
> $ dig +short -t TYPE257 google.com
> \# 19 0005697373756573796D616E7465632E636F6D
> \# 23 0009697373756577696C6473796D616E7465632E636F6D
> 
> These correspond (I hope) to "issue" and "issuewild" records with a
> value of "symantec.com". 

I'm sure there's a good reason, but I can't find it in the RFC - why are
the values encoded in this opaque way? Every other type of record I
'dig' for seems human-readable. Is this because 'dig' does special
processing for common record types which it doesn't do for this type
(and needs to)?

Gerv



More information about the Public mailing list