[prev in list] [next in list] [prev in thread] [next in thread]
List: dns-operations
Subject: Re: [dns-operations] Cutting a zone with DNSSEC
From: Mark Andrews <marka () isc ! org>
Date: 2015-10-26 20:06:44
Message-ID: 20151026200644.21A373B24DFF () rock ! dv ! isc ! org
[Download RAW message or body]
In message <alpine.LSU.2.00.1510261531520.25050@hermes-2.csi.cam.ac.uk>, Tony F
inch writes:
> Mark Andrews <marka@isc.org> wrote:
> >
> > No. The validator should try other servers if the validation fails.
> > It just does more work until all the servers are up to date.
>
> OK, that's reassuring.
>
> And it's another point in favour of your argument that validating stubs
> should use CD=0, because CD=1 suppresses the recursive server's efforts
> to work around this kind of partial temporary breakage.
Yes.
RFC 6840 is just plain wrong to say always send CD=1 and named doesn't.
Mark
> Tony.
> --
> f.anthony.n.finch <dot@dotat.at> http://dotat.at/
> Irish Sea, Shannon, Rockall, Malin: South or southeast 5 to 7, occasionally
> gale 8 at first. Rough or very rough, occasionally high in Shannon and Rockal
> l
> at first. Rain or showers. Good, occasionally poor.
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: marka@isc.org
_______________________________________________
dns-operations mailing list
dns-operations@lists.dns-oarc.net
https://lists.dns-oarc.net/mailman/listinfo/dns-operations
dns-jobs mailing list
https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic