[dns-operations] Cutting a zone with DNSSEC
Tony Finch
dot at dotat.at
Mon Oct 26 15:34:20 UTC 2015
Mark Andrews <marka at isc.org> wrote:
>
> No. The validator should try other servers if the validation fails.
> It just does more work until all the servers are up to date.
OK, that's reassuring.
And it's another point in favour of your argument that validating stubs
should use CD=0, because CD=1 suppresses the recursive server's efforts
to work around this kind of partial temporary breakage.
Tony.
--
f.anthony.n.finch <dot at dotat.at> http://dotat.at/
Irish Sea, Shannon, Rockall, Malin: South or southeast 5 to 7, occasionally
gale 8 at first. Rough or very rough, occasionally high in Shannon and Rockall
at first. Rain or showers. Good, occasionally poor.
More information about the dns-operations
mailing list