At 9:55 AM -0400 7/13/09, Livingood, Jason wrote: >On the topic of 'lying resolvers' though, that seems a bit strong IMHO. But >perhaps I have missed a strong MUST statement (per RFC 2119) in a relevant RFC >that you could refer me to?
I am not aware of an RFC that says something to the effect of "when you are responsible for translating addresses and you get some information that was requrested, you MUST NOT lie about it to the requester", but it might exist. But that's immaterial. Even if the resolver has a good reason to lie, it is lying, and your document should encourage the resolver to be honest about that fact. The recipient might not care, or might very much want to be lied to to protect the recipient from doing something dangerous, but it should be made aware, if possible, that it is talking to a lying resolver. --Paul Hoffman, Director --VPN Consortium _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
