Bob Harold <rharo...@umich.edu> writes: > > Did you read the new replacement sentence? > > > > Applications MUST continue to follow requirements from applicable > > specs on how to process RCODEs no matter what EDE values is also > > received. > > > > Is that sufficient? > > Yes, thank you. > > --Paul Hoffman > > Just a note. The original draft had a 'retry' code that was intended > to change how the client reacted. That has been removed, but there > are still some that would like to 'act on' the EDE. One reason given > for not doing that is that is can be spoofed or changed by attackers, > so it cannot be trusted. I was hoping that this could improve some > cases where the client is not acting in an optimal way, but I can > understand why that would be discouraged. Should we warn implementers > of the issues, but still not forbid acting on them?
Well, I think the new text tries to do this, no? Specifically, we're now saying "follow other specs", but we don't specifically prohibit not-acting if there are no other specs that intervene. -- Wes Hardaker USC/ISI _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
