> On Jun 18, 2024, at 10:49 AM, Paul Hoffman <paul.hoff...@icann.org> wrote: > > Responding to one bit of Duane's response. > > On Jun 18, 2024, at 10:40, Wessels, Duane > <dwessels=40verisign....@dmarc.ietf.org> wrote: > >>> What should an authoritative nameserver return as zone version if it is >>> configured as authoritative nameserver but can't get the zone version (eg >>> because "no permission to read file") One way would be to allow it to >>> return >>> a zero length for ANY type and define that as an error condition. >> >> I think the authors will need to discuss how to handle error conditions like >> this >> and get back to you. > > PaulW's DISCUSS on this topic doesn't make sense. If a server is > authoritative for a zone, it has know the version of the zone: the zone is > incomplete without its version. If the server doesn't know the version, it > should not be answering any queries for that zone at all.
Yes, perhaps. The one example I could think of is if the server was configured to be authoritative for a zone, but is unable to load the zone data either via network or disk. A server could just omit any zone version in this (rare?) case. The only reason to do something other than that would be for the server to indicate it supports zone versioning but not at that moment for that zone. DW
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ DNSOP mailing list -- dnsop@ietf.org To unsubscribe send an email to dnsop-le...@ietf.org