Interesting: it sends the signature before the SOA (and it breaks at
least one DNS program - one of mine, shame):
% dig @ns02.one.com. SOA masters-consultants.fr.
; <<>> DiG 9.9.5-9+deb8u3-Debian <<>> @ns02.one.com. SOA masters-consultants.fr.
; (2 servers found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 51995
;; flags: qr aa rd; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1
;; WARNING: recursion requested but not available
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags: do; udp: 1680
;; QUESTION SECTION:
;masters-consultants.fr. IN SOA
;; ANSWER SECTION:
masters-consultants.fr. 14400 IN RRSIG SOA 8 2 14400 (
20160121000000 20151231000000 58536
masters-consultants.fr.
FOZbAQLnjdq9GPIvAJWUi5LURWMBubbFAMj6q/GVn2mu
jdU8IjNL+9+pxY/hZCEFd2Fpubkslvl161q6eYXR3Po0
xbI54ZDVvGOvUG/7zhHhwZKTYfoksjQdGjrwfyvdg8F0
JcMV8v0jd8433Vm+d7VkSeomfbMXOlImKIUutQ1KqlBR
rP0tiuhzXWNZmb8jL4nPg46kc/sqmObbQW2Ujg== )
masters-consultants.fr. 14400 IN SOA ns01.one.com. hostmaster.one.com. (
2016010811 ; serial
14400 ; refresh (4 hours)
3600 ; retry (1 hour)
1209600 ; expire (2 weeks)
900 ; minimum (15 minutes)
)
;; Query time: 154 msec
;; SERVER: 2001:67c:28cc::138#53(2001:67c:28cc::138)
;; WHEN: Mon Jan 11 22:19:03 CET 2016
;; MSG SIZE rcvd: 324
_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop
