On 5/2/23 17:04, Paul Wouters wrote:
My preferred definition is the one originally given by Paul Vixie, amended by
myself, and further amended by Peter Thomassen:
A lame delegation is said to exist when one or more authoritative
servers designated by the delegating NS rrset or by the child's apex NS
rrset answers non-authoritatively for a zone.
To me this would not be lame if the NS RRsets are identical. You might
have still have a broken server, but if parent and child agrees, I
would not call it "lame".
It's possible I got this completely wrong, but if one of the NS answer
authoritatively, then it doesn't serve a proper NS RRset, so it's not possible
for that server's response to agree / be identical with that on the parent
side. As a result, the delegation (to that server) is lame, no?
~Peter
--
https://desec.io/
_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop
