On 2/29/16, 10:03, "Shane Kerr" <sh...@time-travellers.org> wrote:
>Ah. So you don't like identifying magic zones (other than in-addr.arpa, >ip6.arpa, .example, .local, ...). Fair enough. What's magic about any of them? In the protocol they all are processed the same. There is no "reverse DNS" protocol, what's confusing is that there is a convention for storing addresses in the DNS. (E.g., myhost.*.foo.bar.in-addr.arpa. is an acceptable domain name. Applications never seriously look it up.) If asked on port 53, name servers will return NXDOMAIN for names under "example." and "local." if those names lack NS sets in the root zone. All magic treatment of those names occur in other software layers. >I don't expect to change your mind but hopefully I understand your >position and can thus disagree with your actual stance. ;) I have no idea why assembling a NXDOMAIN response from cached DNSSEC negative answers is any different if the QNAME is managed by the root zone or is managed by a zone delegated away from the root. The only thing unique to the root zone is that there is no authority that can publish the root zone's DS record, which has nothing to do with the question at hand.
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
