[dns-operations] .ORG is signed
Alexander Gall
gall at switch.ch
Fri Jun 5 12:52:15 UTC 2009
On Fri, 05 Jun 2009 13:53:07 +0200, Florian Weimer <fweimer at bfk.de> said:
> * Chris Thompson:
>> This happens whether the DO bit is set in the request or not. Was it
>> happening before the zone was signed?
> There was a time when negative responses weren't consistent across all
> the servers, but some of the servers returned a zero TTL, too. So the
> answer is "yes".
Indeed. Also note that the TTL on the SOA RR itself is 0 as well. I
once asked them why they do this and their answer was a reference to
RFC 1035, Section 3.2.1 (in the description of TTL):
"For example, SOA records are always distributed with a zero TTL to
prohibit caching."
I then pointed them to RFC 2181, Section 7.2, but never got a reply to
that. If they only implement 1035, they might not have heard of
negative caching either ;)
--
Alex