> On 18 Mar 2024, at 9:32 AM, Dave Lawrence <t...@dd.org> wrote:
> 
> Shumon Huque writes:
>> The draft allows (but does not proscribe) NXDOMAIN to be inserted
>> into the Rcode for non DNSSEC enabled responses. I guess the main
>> reason for not being proscriptive was what I mentioned - there were
>> deployments in the field that didn't. But I'm amenable to tightening
>> up the language if there is consensus for it (and I'll also chat
>> with the implementers). Since we also support signaled restoration
>> of the NXDOMAIN RCODE field for DNSSEC enabled  queries, I'm
>> persuaded that we should probably close this divergence for non
>> DNSSEC too.
> 
> You already know my position on this, but for the list: yes, please,
> do this.
> 
> The existence of some deployments that currently do otherwise is
> insufficient reason on its own to not specify better behavior.
> 

I agree with Tal on this.

Geoff

Attachment: smime.p7s
Description: S/MIME cryptographic signature

_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop

Reply via email to