[dns-operations] negative dnssec replies
matthaeus.wander at uni-due.de
Sat Nov 26 17:50:09 UTC 2016
Router Log wrote on 2016-11-26 14:10:
> The signing of negative replies from dnssec enabled zones increase the
> size of the zone data an the complexity dns. For the ease of use and
> implementaion would it be a good idea that a dnssec enabled zone could
> signal to a querier that it intends to send unsigned nxdomain replies?
> This mechanism would have to be signed of course.
It's not wise to fight the complexity of a system by adding more
complexity to it.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 5523 bytes
Desc: S/MIME Cryptographic Signature
More information about the dns-operations