A couple of quick observations:

* The draft says that the answer in a signed zone MAY be unsigned.
  Since this will ultimately cause a SERVFAIL for validating
  resolvers, it is not really acceptable.

* The draft does not describe at all what the proper behaviour is for
  an owner name that has a CNAME record.  Since CNAMEs require special
  handling, this should be addressed.  Personally I think the CNAME
  should be returned in this case.

_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop

Reply via email to