Alexander Bochmann <[email protected]> wrote: > > Would other nameservers drop a reply where this scheme with pointer > compression resulting in a very large Signer's Name field is > being used? It doesn't look invalid as such.
Name compression isn't allowed in SIG / RRSIG / NSEC, which are the records that can be used to trigger this bug. A server would be justified to drop responses with compressed names in the wrong place, but I don't know how strict other implementations are in practice. Tony. -- f.anthony.n.finch <[email protected]> http://dotat.at/ promote human rights and open government _______________________________________________ dns-operations mailing list [email protected] https://lists.dns-oarc.net/mailman/listinfo/dns-operations
