From 59d66153eecb7dff7d8c681ffc493875f9815625 Mon Sep 17 00:00:00 2001
From: Pierre-Olivier Mercier <nemunaire@nemunai.re>
Date: Wed, 29 Apr 2026 17:36:03 +0700
Subject: [PATCH] checker: join recorded owner Hdr.Name to parent FQDN

---
 checker/collect.go | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/checker/collect.go b/checker/collect.go
index 2b715fe..cc30469 100644
--- a/checker/collect.go
+++ b/checker/collect.go
@@ -193,11 +193,13 @@ func computeOwner(body serviceBody, prefix, parent string) (expected, recorded s
 		// Normalise: no double dots.
 		expected = strings.Replace(expected, "..", ".", -1)
 	}
+	// happyDomain encodes service-embedded record owners relative to the
+	// parent zone, so we must join with parent before treating as FQDN.
 	switch {
 	case body.OpenPGP != nil && body.OpenPGP.Hdr.Name != "":
-		recorded = dns.Fqdn(body.OpenPGP.Hdr.Name)
+		recorded = dns.Fqdn(sdk.JoinRelative(body.OpenPGP.Hdr.Name, parent))
 	case body.SMIMEA != nil && body.SMIMEA.Hdr.Name != "":
-		recorded = dns.Fqdn(body.SMIMEA.Hdr.Name)
+		recorded = dns.Fqdn(sdk.JoinRelative(body.SMIMEA.Hdr.Name, parent))
 	}
 	return
 }