On Tue, Jul 18, 2017 at 06:20:56PM +0530, Mukund Sivaraman <m...@isc.org> wrote a message of 27 lines which said:
> It is to put draft-ietf-dnsop-nsec-aggressiveuse to use with unsigned > zones. That's quite funny. During the development of RFC 8020 (draft-ietf-dnsop-nxdomain-cut), which addresses the same concern as draft-ietf-dnsop-nsec-aggressiveuse, many people said that the feature was dangerous, and we should mandate the use of DNSSEC. In the end, it is not mandatory (see sections 2, 3rd para, and section 7 of RFC 8020). draft-ietf-dnsop-nsec-aggressiveuse is more aggressive (because it can now synthetizes answers) so it seems to me the same reasons should apply? _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop