RFC 4034, "Resource Records for the DNS Security Extensions", March 2005Source of RFC: dnsext (int)
Errata ID: 2824
Publication Format(s) : TEXT
Reported By: Edward Lewis
Date Reported: 2011-06-06
Rejected by: Brian Haberman
Date Rejected: 2012-04-30
Section 3.1.3 says:
The value of the Labels field MUST NOT count either the null (root) label that terminates the owner name or the wildcard label (if present).
It should say:
The value of the Labels field MUST NOT count either the null (root) label that terminates the owner name or the leftmost label if it is a wildcard.
In RFC 4035, section 2.2, describing the same count uses this: ... "and not counting the leftmost label if it is a wildcard" to omit the leading wildcard label. (In 4034, the wildcard label is defined as "*" earlier in the same problematic section.)
The text in 4034 could be confused with having to count "wildcard labels" in the middle of a name, such as in name.*.tld. The reason for suggesting this errata is for compliance considerations.
All wildcard labels start with * in the leftmost label. No other kind of wildcard label exists.
From RFC 1034:
In the previous algorithm, special treatment was given to RRs with owner
names starting with the label "*".