I can see where "validate on zone transfer" would be a feature request. And "validate everything" similarly.
For the draft, could a small paragraph be added explaining the difference between using a separate view for the root zone and just loading it in the same view, so that people like me realize the tradeoffs before we decide to implement the draft with what we might think is a minor simplification, not realizing the impact? -- Bob Harold hostmaster, UMnet, ITcom Information and Technology Services (ITS) rharo...@umich.edu 734-647-6524 desk On Thu, Nov 20, 2014 at 12:34 PM, Paul Hoffman <paul.hoff...@vpnc.org> wrote: > On Nov 20, 2014, at 9:19 AM, Doug Barton <do...@dougbarton.us> wrote: > > The question at the end of this post was a serious one, FWIW. > > If I understand it correctly, the question is a feature request for > BIND/NSD/whatnot, not an issue with the draft, correct? That is, I think > you are asking for your authoritative server to have a feature that > performs DNSSEC validation on an incoming zone transfer (or possibly on a > zone in your authoritative list). If your question is actually about the > draft, by all means please clarify so we can deal with it in the draft. > > --Paul Hoffman > _______________________________________________ > DNSOP mailing list > DNSOP@ietf.org > https://www.ietf.org/mailman/listinfo/dnsop >
_______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
