[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: DNSEXT WG LAst Call: Dnssec OK bit.

To: Olafur Gudmundsson <ogud@tislabs.com>,Mark Kosters <markk@netsol.com>
Subject: Re: DNSEXT WG LAst Call: Dnssec OK bit.
From: "David R. Conrad" <david.conrad@nominum.com>
Date: Thu, 30 Nov 2000 11:33:21 -0800
Cc: DNSEXT WG Mailing list <namedroppers@ops.ietf.org>
Delivery-date: Thu, 30 Nov 2000 21:55:15 -0800
Envelope-to: namedroppers-data@psg.com

Mark (and Olafur),

At 12:12 PM 11/30/2000 -0500, Olafur Gudmundsson wrote:
>>Why is an ANY query listed along with SIG, KEY, and NXT? SIG, KEY, and NXT
>>have explicit security context whereas ANY does not. To me, an ANY query
>>is ambiguious at best should have the OK bit set for a RFC2535 response.

Somewhat unparseable sentence.

However, making assumptions on what you meant, there are a couple of ways 
to view DO.  One is that it differentiates between RFC 1035 and RFC 2535 
processing.  Another way to view the DO bit is as you have (I gather), 
namely when cleared, excise all DNSSEC related goop in a response.  I took 
the first approach, and as a result an ANY query should return what is 
available, regardless of whether it is DNSSEC related or not.

Rgds,
-drc

to unsubscribe send a message to namedroppers-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.

Prev by Date: Re: DNSEXT WG LAst Call: Dnssec OK bit.
Next by Date: Re: DNSEXT WG Last Call: EDNS0.5
Prev by thread: Re: DNSEXT WG LAst Call: Dnssec OK bit.
Next by thread: DNSEXT WG Last Call: Message Size
Index(es):
- Date
- Thread