On Thu, Feb 07, 2019 at 04:47:01PM +0100, Petr Špaček <petr.spa...@nic.cz> wrote a message of 129 lines which said:
> > 4.1.1. NOERROR Extended DNS Error Code 1 - Unsupported DNSKEY Algorithm > > > > The resolver attempted to perform DNSSEC validation, but a DNSKEY > > RRSET contained only unknown algorithms. The R flag should be set. > > > > 4.1.2. NOERROR Extended DNS Error Code 2 - Unsupported DS Algorithm > > > > The resolver attempted to perform DNSSEC validation, but a DS RRSET > > contained only unknown algorithms. The R flag should be set. > > Why R flag? This is not an error, resolution suceeded, But without the AD flag. > and there is nothing to retry. I propose change both cases to "The R > flag should not be set." In both cases, because another resolver may know other, different algorithms and therefore succeed to validate. _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
