Eric Rescorla has entered the following ballot position for draft-ietf-homenet-dot-13: Discuss
When responding, please keep the subject line intact and reply to all email addresses included in the To and CC lines. (Feel free to cut this introductory paragraph, however.) Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html for more information about IESG DISCUSS and COMMENT positions. The document, along with other ballot positions, can be found here: https://datatracker.ietf.org/doc/draft-ietf-homenet-dot/ ---------------------------------------------------------------------- DISCUSS: ---------------------------------------------------------------------- A. Recursive resolvers at sites using 'home.arpa.' MUST transparently support DNSSEC queries: queries for DNSSEC records and queries with the DO bit set ([RFC4035] section 3.2.1). While validation is not required, it is strongly encouraged: a caching recursive resolver that does not validate answers that can be validated may cache invalid data. This in turn will prevent validating stub resolvers from successfully validating answers. I don't understand the rationale for this requirement. As I understand it from this document, stuff ending in home.arpa cannot be DNSSEC validated, so what's it the business of this document to levy the requirement on sites which support home.arpa that they do anything with DNSSEC at all. _______________________________________________ homenet mailing list homenet@ietf.org https://www.ietf.org/mailman/listinfo/homenet
