Today I Learned



2022/07/06

that DNS listens on port 53


2022/11/11

that SAN = Subject Alternative Name. A SAN certificate is a TLS certificate that certifies multiple domain names.

see https://support.dnsimple.com/articles/what-is-ssl-san/


that AWS Certificate Manager and other free-TLS-certificate services can’t validate private domain names since ACME (Automated Certificate Management Environment) relies on public DNS or WHOIS records.

See also https://docs.aws.amazon.com/acm/latest/userguide/domain-ownership-validation.html.


2023/06/05

SPF (Sender Policy Framework) records are DNS TXT records like v=spf1 include:${email_server_domain} ~all. SPF records help a receiving email server verify that the sending server is allowed to send messages for a domain (e.g. mail from foo@domain.com should only be sent by servers listed in an SPF record on a DNS server with authority over domain.com). More info at https://www.cloudflare.com/learning/dns/dns-records/dns-spf-record/

DKIM (DomainKeys Identified Mail) records are also DNS TXT records; they publish the public keys used to check signature headers in email: https://www.cloudflare.com/learning/dns/dns-records/dns-dkim-record/


2023/08/18

That the authoritative database of top-level domains is published by the IANA at https://www.iana.org/domains/root/db