Embed Notice

HTML Code

<blockquote style="position: relative; padding-left: 55px;"><section><a href="https://mastodon.social/users/waldoj/statuses/113399460853951175">Waldo Jaquith (waldoj@mastodon.social)'s status on Thursday, 31-Oct-2024 12:32:22 JST</a><a href="https://mastodon.social/@waldoj" title="waldoj@mastodon.social"><img src="https://gnusocial.jp/avatar/55936-48-20241016044339.webp" width="48" height="48" alt="Waldo Jaquith" style="position: absolute; left: 0; top: 0;">Waldo Jaquith</a><div><a href="https://mastodon.social/@waldoj/113396130983319372" rel="in-reply-to">in reply to</a></div></section><article><p>Here’s a hint as to what’s wrong with system-level networking services on macOS 15.1: Safari has inconsistent DNSSEC signature problems, while Chrome and Firefox (which use their own networking engines) do not. Every query has a different subset of signature problems.</p><p>I think I'm too rusty on cryptography implementation to meaningfully debug this further; here's hoping Apple patches this soon.</p></article><footer><a rel="bookmark" href="https://gnusocial.jp/conversation/3908808#notice-7638662">In conversation</a><time datetime="2024-10-31T12:32:22+09:00" title="Thursday, 31-Oct-2024 12:32:22 JST">about a month ago</time> <span>from <span><a href="https://mastodon.social/@waldoj/113399460853951175" rel="external" title="Sent from mastodon.social via ActivityPub">mastodon.social</a></span></span><a href="https://mastodon.social/@waldoj/113399460853951175">permalink</a><h4>Attachments</h4><ol><li><label><a rel="external" href="https://gnusocial.jp/attachment/3378805">A screenshot of a DNS-checking tool that reports a bunch of test results. For the “good signature” test, there are failing test results for ECDSA P-256, ECDSA P-384, and Ed25519.</a></label><br><a href="https://files.mastodon.social/media_attachments/files/113/399/460/090/288/303/original/26db89276dd1a2ee.png" rel="external">https://files.mastodon.social/media_attachments/files/113/399/460/090/288/303/original/26db89276dd1a2ee.png</a></li><li><label><a rel="external" href="https://gnusocial.jp/attachment/3378806">A screenshot of a DNS-checking tool that reports a bunch of test results. For the “good signature” test, there are failing test results for ECDSA P-256 and Ed25519.</a></label><br><a href="https://files.mastodon.social/media_attachments/files/113/399/460/353/121/614/original/18a4536c3e2cda4d.png" rel="external">https://files.mastodon.social/media_attachments/files/113/399/460/353/121/614/original/18a4536c3e2cda4d.png</a></li><li><label><a rel="external" href="https://gnusocial.jp/attachment/3378807">A screenshot of a DNS-checking tool that reports a bunch of test results. For the “good signature” test, there is a failing test result for ECDSA P-256.</a></label><br><a href="https://files.mastodon.social/media_attachments/files/113/399/460/614/532/526/original/b41d0d48aefba3b3.png" rel="external">https://files.mastodon.social/media_attachments/files/113/399/460/614/532/526/original/b41d0d48aefba3b3.png</a></li></ol></footer></blockquote>

Corresponding Notice

Embed this notice
Waldo Jaquith (waldoj@mastodon.social)'s status on Thursday, 31-Oct-2024 12:32:22 JST Waldo Jaquith
in reply to
Here’s a hint as to what’s wrong with system-level networking services on macOS 15.1: Safari has inconsistent DNSSEC signature problems, while Chrome and Firefox (which use their own networking engines) do not. Every query has a different subset of signature problems.
I think I'm too rusty on cryptography implementation to meaningfully debug this further; here's hoping Apple patches this soon.
In conversationabout a month ago from mastodon.socialpermalink
Attachments

Public

Embed Notice

HTML Code

Corresponding Notice