On 9/26/16, 20:49, "Mark Andrews" <ma...@isc.org> wrote:
>No. SHOULD is not MUST. Every SHOULD has a implict UNLESS
><unspecified reason>. In this case we actually have a reason for
>the why the second and third SHOULD are not MUSTs.
>
> I could turn first SHOULD into a MUST and still reach the MAY.
I have to admit I don't quite understand that response. (This coming after
reading some children's books by Roald Dahl where he just makes up words and
tries to explain them.)I'd written up a response, but perhaps the intent of the text is fine. The way it is written is what is throwing me. Perhaps instead of this: # When an iterative caching DNS resolver receives a response NXDOMAIN, # it SHOULD store it in its cache and all names and RRsets at or below # that node SHOULD then be considered to be unreachable. When an iterative caching DNS resolver receives a response with RCODE being NXDOMAIN, the resolver SHOULD store the response in its (negative) cache. During the time the response is cached, any query with a QNAME at or descended from the denied name that is not otherwise cached (positively), can be assumed to result in a name error. Responses to those queries SHOULD set RCODE=NXDOMAIN (using the DNSSEC records cached as proof). ...that's not the best wording either - but "unreachable" is not a term I'd use. I'm not sure "negative cache" and "positive cache" are recognized terms. >Temporal issues are not new. There is something oddly ironic about that statement.
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
