Ted Lemon <ted.le...@nominum.com>于2016年3月11日周五 下午12:26写道:
> > I think this document could be made a lot simpler if it simply said what > it says in the abstract, without placing new requirements on DNS caches. > Right now it says DNS caches SHOULD take an NXDOMAIN on a particular > domain as applying to all names under it. This is certainly a valid thing > to do, and I can think of ways to do it reasonably efficiently even wish a > hashed cache, but reasonably is still O(number of labels) instead of O(1). > If you just say what the abstract says and nothing more, that allows > implementations to be "more efficient," as you suggest, without requiring > implementations to be less efficient. Granted, it's a SHOULD, but I think > that still goes too far. You should just say that NXDOMAIN means what you > want it to mean, and leave it at that. > another choice : Authority Server return NODATA/NXDOMAIN as nxdomain cut, but no change on DNS cache. Some impact on NSEC/NSEC3 records. - no names under foo.example => NXDOMAIN at foo.example - zone with bar.foo.example, where foo.example does not exist => NODATA or NOERROR + NULL Answer at foo.example -- Best Regards Pan Lanlan
_______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
