Paul Hoffman wrote:
At 9:55 AM -0400 7/13/09, Livingood, Jason wrote:
On the topic of 'lying resolvers' though, that seems a bit strong IMHO. But perhaps I have missed a strong MUST statement (per RFC 2119) in a relevant RFC that you could refer me to?
I am not aware of an RFC that says something to the effect of "when you are responsible for translating addresses and you get some information that was requrested, you MUST NOT lie about it to the requester", but it might exist.
That would be in the SLA the provider agrees to provide service under.
Its part of the warranty for fitness, so while its not in the Standard
itself - the use of the Standard to commit electronic fraud with will
have criminal blow-back as well Paul.
But that's immaterial. Even if the resolver has a good reason to lie, it is
lying, and your document should encourage the resolver to be honest about that
fact. The recipient might not care, or might very much want to be lied to to
protect the recipient from doing something dangerous, but it should be made
aware, if possible, that it is talking to a lying resolver.
--Paul Hoffman, Director
--VPN Consortium
_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop
------------------------------------------------------------------------
No virus found in this incoming message.
Checked by AVG - www.avg.com
Version: 8.5.375 / Virus Database: 270.13.12/2234 - Release Date: 07/12/09 17:56:00
_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop