On 14/04/2021 10:19, Stephane Bortzmeyer wrote:
> Regarding dnsop work, the same report suggests to modify RFC 5625 "DNS
> Proxy Implementation Guidelines" to replace the MAY in section 6.3 by
> a MUST. I think that the reason there is currently a MAY is not
> because RFC 5625 finds invalid compression pointers acceptable but
> simply because some proxies may not perform a full parsing of the RR
> in the sections.
Yes, that was pretty much it.
Many DNS proxies / ALGs don't inspect the packet contents at all, so a
stronger generic requirement was not feasible.
(The suggested SERVFAIL response is wrong, I think. It should've been
FORMERR)
Ray
_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop
