> From: Matthijs Mekking
> Some comments:
>
> - Section 4.1 relaxes the restriction for resolvers from RFC 4035 to MAY
> do aggressive NSEC/NSEC3 usage, while section 4.2 says that a resolver
> SHOULD support aggressive NSEC usage and enable it by default. This to
> me seems inconsistent use of t
On Sat, Mar 19, 2016 at 10:57:26AM -0400,
Paul Hoffman wrote
a message of 49 lines which said:
> With respect to the DO bit, there was a suggestion:
> Resolvers SHOULD send DO, and should try validate (if it gets signed
> responses).
There have been no discussion on the priming draft since.
Thanks, Jinmei.
> From: 神明達哉
> - Abstract: I suggest revising this on this point (see above):
>
>responses as well as some level of mitigation of random sub-domain
>attacks (referred to as "Water Torture" attacks).
>
> by either simply removing it or clarifying that it's mitigation fo
