all
https://datatracker.ietf.org/doc/draft-valsorda-dnsop-black-lies/ I apologize to Olafur - i looked and did not see it when doing the agenda. On 4/8/16 10:39 AM, Edward Lewis wrote:
I can't find a draft to cite for this talk, so this refers to the slides presented. "DNSSEC Protocol Modifications" (http://www.rfc-editor.org/rfc/rfc4035.txt) has an explicit prohibition on names owning only NSEC and RRSIG. Yeah. I'm not holding this up as a royal edict. But it's there in plain text. Fortunately there's a rationale why the requirement language is there, so there's a starting point to "work on this." "2.3. Including NSEC RRs in a Zone ... An NSEC record (and its associated RRSIG RRset) MUST NOT be the only RRset at any particular owner name." _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
_______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
