Paul Vixie wrote:
>>> Right, NXDOMAIN returned by some broken implementation to empty
>>> non-terminals MUST NOT be interpreted that the terminals does not
>>> exist.
>
> i disagree with this. broken implementations who emit NXDOMAIN for
> empty non-terminals cannot be used as an excuse not to develop and
> deploy correct protocol and software enhancements.
My suggestion is just for robust minimization without sacrificing
the correctness as NXDOMAIN for full domain name is interpreted
as is.
> the internet has
> hundreds of years to run yet, and these broken implementations are
> (a) shrinking not growing, and (b) subject to rapid replacement when
> they start to encounter problems with correct enhancements to their
> habitat.
How widely is EDNS deployed?
IIRC, about 20 years ago, you said 2KB DNS message of DNSSEC
was not a problem because EDNS takes care of it.
Masataka Ohta
_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop
