--On 13 January 2010 13:19:30 -0500 Olafur Gudmundsson <o...@ogud.com> wrote:
Going forward I think this is a bad recommendation. I would like to propose that the document take the plunge of recommending that modern DNSSEC capable resolvers perform the priming query over TCP.
...
By making this change section 2.4 can be dropped, the one on not asking for signed answers.
Not sure I agree. I think there is a good case to be made that IF the DO bit is set, THEN the response SHOULD be made over TCP, but you are asking that even non DNSSEC capable resolvers which would query with DO clear make queries over TCP; in these instances the response packet would be much smaller. -- Alex Bligh _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
