On Wed, Aug 12, 2015 at 11:21:58AM +1000, Mark Andrews wrote: > > RFC 3045 3.1.1. Including RRSIG RRs in a Response
I assume you meant 4035, but that section says absolutely nothing about where in the section the RRSIG needs to go. > s/Add/Append/ and there is no dispute. I doubt anyone thought "Add" > meant insert before records already in the answer and adjust > compression pointers in the existing records. "Add" does not mean "add somewhere in particular". Just because you interpreted "add" to mean "add at the end" doesn't mean that's what the words in the text say. This is another of those dusty corners of the DNS where things have not been written down clearly. An RRset is clearly an unordered set. But I don't see anything (I could well be overlooking something, and I'd be delighted if I am) about the order of RRsets in a single section of a message. RRSIGs are themselves tricky in that respect, because they're formally not part of the RRset but an RRSIG covers the RRset and therefore has to travel with it. Best regards, A -- Andrew Sullivan a...@anvilwalrusden.com _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
