--On 22 October 2011 19:41:58 +0000 Ted Lemon <ted.le...@nominum.com> wrote:
Yes. But if a bare name is used, a bogus search list can also bypass DNSSEC validation.
For the hard of understanding, please could you expand on this? Doesn't the client know the full name being looked up, even with a search list? -- Alex Bligh _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop