* Tony Finch: >> Evan Hunt <e...@isc.org> wrote: >> > >> > This could be a pretty brilliant solution, actually: If you're >> > authoritative for a signed zone and you receive a query of type ANY, >> > return the applicable NSEC/NSEC3; if the zone is *not* signed, synthesize >> > a response containing a single RR with a type from the "private use" range >> > (e.g. TYPE65531 or whatever), zero length rdata, and a long TTL. > > Maybe this could be a use for the NULL RRtype? :-)
We'd have to be reasonably sure that no resolver treats is as a meta-type and turns the upstream response into a FORMERR upon seeing it in the answer section. “NULLs are used as placeholders in some experimental extensions of the DNS.” is not confidence-inspiring in this regard. _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
