> On 18 Mar 2024, at 9:32 AM, Dave Lawrence <t...@dd.org> wrote: > > Shumon Huque writes: >> The draft allows (but does not proscribe) NXDOMAIN to be inserted >> into the Rcode for non DNSSEC enabled responses. I guess the main >> reason for not being proscriptive was what I mentioned - there were >> deployments in the field that didn't. But I'm amenable to tightening >> up the language if there is consensus for it (and I'll also chat >> with the implementers). Since we also support signaled restoration >> of the NXDOMAIN RCODE field for DNSSEC enabled queries, I'm >> persuaded that we should probably close this divergence for non >> DNSSEC too. > > You already know my position on this, but for the list: yes, please, > do this. > > The existence of some deployments that currently do otherwise is > insufficient reason on its own to not specify better behavior. >
I agree with Tal on this. Geoff
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop