[dns-operations] The reverse for ::1 is signed as non-existent

Edward Lewis Ed.Lewis at neustar.biz
Fri Feb 17 14:29:10 UTC 2012


Not cross-posted...

>On 2012-02-16, at 19:55, Mark Andrews wrote:
>
>>  As per RFC 6303 this answer should not be signed.  See IANA
>>  Considerations.  Please take steps to correct.  This is breaking
>>  validating stub resolvers and validating nameservers that forward
>>  this request to a nameserver with default local zones configured.

This is why I asked, a long time ago, for a "negative trust anchor." 
My context then was split dns[0] and the need to tell validators that 
internally a zone wasn't signed even if externally it was.

The request was a long time ago, maybe 5 years ago, and was forgotten.

[0] undefined in the IETF context; meaning any time a stub network 
uses different name resolution inside the stub network from the 
general public Internet.  Definitely applicable to RFC 1918 space 
(plus localhost reverse map).
-- 
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Edward Lewis
NeuStar                    You can leave a voice message at +1-571-434-5468

2012...time to reuse those 1984 calendars!


