Bind treats it as unknown as there are no private types yet. If one decides to add support for a private type then you add the code to check the identifier of the private type and differentiate that from other private types.
This behaviour is specified but not yet implemented. The same applies to OIDs. -- Mark Andrews > On 28 Mar 2022, at 19:49, Nils Wisiol <n...@desec.io> wrote: > > On Mon, 2022-03-28 at 12:23 +1100, Mark Andrews wrote: >> Please quote where it is stated that “private is not for >> experimentation”. >> >> >> >> Private is private. Do what you want with it as long as you identify >> the >> >> the algorithm uniquely and that includes experimental >> implementations. > > Hi Mark, > > my understanding of 'private' is that I cannot have any expectations on > how the resolver will treat it. Hence, when experimenting with new > DNSSEC algorithms, 'private' is not the behavior I am interested in. > Instead, I am interested how the resolver would treat my new algorithm > if it was assigned a (regular, non-private) code point. > > Arguing that resolvers would behave the same on unknown code points and > private code points is difficult, as a large portion of users use > closed-source implementations. You said yourself that BIND "currently" > treats 253 as unknown; so different behavior is conceivable? This > uncertainty can be partially addressed by reserving some code points > for "unknown algorithms" behavior (rather than the semantics of 253). > > While this will not solve all concerns with such studies, I'm not aware > of significant downsides to reserving more code points. (Other than > running out of numbers, do you have any other concern?) > > Alternatively, people can just used unassigned numbers. I did that > recently, and my impression was that people read that as me trying to > create facts for a future official number assignment -- an impression > that I did not intend to make and would like to avoid in the future. > > Best, > Nils > > > -- > deSEC e.V. · Kyffhäuserstr. 5 · 10781 Berlin · Germany > > Vorstandsvorsitz: Nils Wisiol > Registergericht: AG Berlin (Charlottenburg) VR 37525 > > _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
