Jacob Bunk Nielsen

There should be no need for the proxy-cname thing. I'm not sure why that was ever a thing, but it certainly isn't anymore. I just tested today. I'm not certain...

@ameinild - I logged into the control panel and created a TXT record for _acme-challenge. with some random content. I did not test the code provided in this repo, but...

@dlegranddk - I have no insights into how that API works, but I would *guess* that you need to specify 'mydomain.one' rather than '_acme-challenge.mydomain.one' in the POST URL.

@dlegranddk - if you are using one.com name servers, forget about https://help.one.com/hc/en-us/articles/360000297458-Why-is-SSL-HTTPS-not-working-on-my-site-#step-5 - creating those CNAMEs only makes sense for users that use external DNS and want a certificate for...

It's more elegant and user friendly to separate the identification of these queries from the rule based decision of what to do with them, so sounds perfect to me.

Thank you for implementing this - looking forward to giving it a spin.

I had a chat with my local Linux kernel developer at a conference today - we discussed the options for rate limiting new TCP connections using BPF, and he told...

> https://indico.dns-oarc.net/event/46/contributions/978/attachments/947/1754/Cache%20Poisoning%20Protection%20-%20Deployment%20Experience.pdf page 13 is also semi-relevant to this We did get a mention on slide 12. Google's use of our ADoT service is what caused me to create this...