Thanks for considering my various suggestions. > On Jan 30, 2025, at 7:39 PM, Shumon Huque <shu...@gmail.com> wrote: > > > > Additional validation queries for the "glue" address RRs of referral > > responses (if not already authoritatively present in cache) SHOULD be > > I found this a little confusing at this place given that the next section > is Upgrading A and AAAA RRset Credibility. Maybe Updating Glue Credibility > should be a separate section. > > We actually do have a separate glue credibility section: > > "4. Upgrading A and AAAA RRset Credibility" > > Okay, we'll review that text and perhaps we can relocate it. >
I found it confusing that the draft talked about upgrading A / AAAA credibility in two places, but then I convinced myself that section 4 was about addresses learned from authoritative NS RR data, while the paragraph in the middle of section 3 was about addresses learned from non-authoritative NS RR data. It would be good to clarify and/or combine these IMO. Especially because it should be the common case that the two NS RRsets are (mostly) the same and the resolver would only need to revalidate the addresses once, not twice. DW
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ DNSOP mailing list -- dnsop@ietf.org To unsubscribe send an email to dnsop-le...@ietf.org
