[If you don't enjoy byzantine discussions, with a lot of
chapter-and-verse mentions of RFCs, please skip the thread.]
I've been directed recently to RFC 4035 and there is a question I would
like to ask about its handling of ENTs.
Section 3.1.3 says:
No Data: The zone contains RRsets that exactly match <SNAME, SCLASS>
but does not contain any RRsets that exactly match <SNAME, SCLASS,
STYPE>.
Name Error: The zone does not contain any RRsets that match <SNAME,
SCLASS> either exactly or via wildcard name expansion.
The second item means that a "name error" (NXDOMAIN) is an appropriate
response for an ENT. It seems to contradict all recent RFCs.
Section 3.1.3.2 mentions explicitely the ENT but just says to send
NSEC records, and does not mandate a specific error code (except in
its title, which is a bit ambiguous).
My gut feeling is that RFC 4035 is wrong. But I prefer to ask first:
how do you read it?
_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop
