Moin! On 14 Mar 2023, at 22:57, John R Levine wrote:
>> John it won’t work with chained validators. > > How about if I only send a "lie to me" option upstream if I get one from my > client? I realize this means takeup will be pretty slow. Clients have no control over what a resolver does upstream, EDNS0 is hop by hop and we don’t have good track record of singling anything in DNS. What you want is really not doable with EDNS0 IMHO, as we have that spaghetti as Geoff Houston always says that is DNS and unfortunately has chains of resolvers before getting to any auth. So long -Ralf ——- Ralf Weber _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
