> On 2 Mar 2021, at 14:32, Joe Abley <jab...@hopcount.ca> wrote: > > On Mar 2, 2021, at 08:16, Ulrich Wisser <ulrich=40wisser...@dmarc.ietf.org> > wrote: > >>> It leads to bogus in a server that *only* support algorithm 8 because THERE >>> IS NOT AN RRSIG OF WITH ALGORITHM 8 >> >> I understand that RRSIGs are missing, but what does “bogus in a server” >> mean? > > I think Mark's point that a validator that only supports algorithm 8 will > consider the response bogus. >
Yes, of course. But as long as the validator supports both algorithms and uses lax-validation, it should work. It is at least something, not a perfect solution, but it solves some of the use cases. > > Joe _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
