On Wed, 17 Feb 2016, Tony Finch wrote: > 2KB is uncomfortably small for other RRsets - .gdn and .hiv have DNSKEY > RRsets which produce message sizes larger than 2KB. though having 6 DNSKEY's of which only two produce RRSIGs is not really a best practise either :) Paul