On Thu, Jan 14, 2016 at 11:09:36AM -0800, Paul Hoffman <paul.hoff...@vpnc.org> wrote a message of 34 lines which said:
> Setting the RD bit to 1 could result in non-authoritative answers. Today, all root name servers are not recursive. It seems good practice, even if I'm not sure it's formally written somewhere (I do not find it in RFC 7720). > If the response to a priming query is non-authoritative, should the > resolver reject it and try more queries? I would say yes, since it is supposed to be sent to authoritative servers. If a name server is deprecated and replaced by a resolver, not authoritative for the root, I tend to think that its response cannot be trusted. _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
