On Wed, Dec 09, 2015 at 12:27:33PM -0800, internet-dra...@ietf.org <internet-dra...@ietf.org> wrote a message of 39 lines which said:
> Title : The EDNS Key Tag Option
> Author : Duane Wessels
> Filename : draft-ietf-dnsop-edns-key-tag-00.txt

5.2.1 says:

"If the client included the DO and Checking Disabled (CD) bits, but did not include the edns-key-tag option in the query, the validating recursive resolver MAY include the option with its own Key Tag values in full."

I do not understand why. If the client sends DO and CD, it means the server won't validate and therefore "its own Key Tag values" is irrelevant, it won't be the keys used for validation.

[Generally speaking, I think it complicated the protocol for little or zero gain. The key tags should be added by the one who validates, period.]

_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop