Here's a preview from my zine, How DNS Works! If you want to see more comics like this, sign up for my saturday comics newsletter or browse more comics!
read the transcript!
TXT records can contain literally anything
examplecat.com TXT
"hello! I'm an example cat!"
(though they’re usually ASCII)
they’re often used to verify that you own your domain
google, represented by a box with a smiley face: put “banana stand panda” in a TXT record to prove you) own this domain!
reasons to verify your domain
- to issue SSL certificates with Let’s Encrypt
- to use Single Sign On (SSO) for a service
- to get access to Google/ Facebook’s data about your domain (eg search data)
they’re also used for email security (SPF/DKIM/DMARC)
Illustration of two smiling stick figures talking.
person 1: should we create a DNS record type for SPF?
person 2: nah let’s just put it all in TXT records!
(not a historically accurate summary of the design process for SPF records)
TXT records can contain many strings
Each string is at most 256 characters, and clients will concatenate them together.
You’ll see this in DKIM records, because they’re usually more than 256 characters.
some other record types
CAA: restrict who can issue certificates for your domain
PTR: reverse DNS map IP addresses to domain names (look these up with dig -x
)
SRV: holds both an IP address and a port number
Saturday Morning Comics!
Want another comic like this in your email every Saturday? Sign up here!