Moin!
On 14 Mar 2023, at 22:57, John R Levine wrote:
>> John it won’t work with chained validators.
>
> How about if I only send a "lie to me" option upstream if I get one from my
> client? I realize this means takeup will be pretty slow.
Clients have no control over what a resolver does upstr
John it won’t work with chained validators.
How about if I only send a "lie to me" option upstream if I get one from
my client? I realize this means takeup will be pretty slow.
Regards,
John Levine, jo...@taugh.com, Taughannock Networks, Trumansburg NY
Please consider the environment before
John it won’t work with chained validators.
--
Mark Andrews
> On 15 Mar 2023, at 07:59, John Levine wrote:
>
> It appears that Peter Thomassen said:
>> So I take it that when the EDNS signal is there, compact DoE responses get
>> an NXDOMAIN code.
>>
>> In case the EDNS flag is not set,
It appears that Peter Thomassen said:
>So I take it that when the EDNS signal is there, compact DoE responses get an
>NXDOMAIN code.
>
>In case the EDNS flag is not set, does the nameserver return (a) the compact
>proof (with sentinel in
>the type map) is sent, but with a NOERROR code, or (b) a
On 3/14/23 17:05, Shumon Huque wrote:
The NXDOMAIN or NOERROR "state" definitely has to be proven by the signed
records inside the message.
(...)
So, I think the only way we could safely do RCODE replacement for signed
responses is by the use of an EDNS signal.
I'd like to understand bet
Shumon Huque wrote on 2023-03-14 09:05:
...
So, I think the only way we could safely do RCODE replacement for signed
responses is by the use of an EDNS signal.
sadly, +1.
--
P Vixie
___
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mai
On Sun, Mar 12, 2023 at 6:03 AM Vladimír Čunát
wrote:
> On 06/03/2023 03.35, Shumon Huque wrote:
>
> I suspect that unilaterally putting NXDOMAIN into the rcode field will
> break a lot of validator code. They are likely to use the rcode to advise
> them on what type of proof to look for in the m
Reviewer: Barry Leiba
Review result: Ready
Thanks for a clear, concise, and, if I may say, valuable document. I couldn't
even find any typos.
I have two very minor comments, both of which can be ignored if you prefer:
1. In Section 4, you use "somename.alt" -- was that chosen over "example.alt"
Hi DNSOP WG,
The liaison statement has been sent, and can be found here:
https://datatracker.ietf.org/liaison/1821/
Regards,
Rob
From: DNSOP On Behalf Of Rob Wilton (rwilton)
Sent: 08 March 2023 10:30
To: Joe Abley ; d...@virtualized.org; George Michaelson
Cc: dnsop@ietf.org; draft-ietf-d
