On 31 Oct 2017, at 8:06, Sara Dickinson wrote:
So maybe “A DNSSEC validating client SHOULD apply the same validation policy to the A/AAAA meta-query lookup as it does to other queries.”?
That could be misinterpreted to indicate that there has to be some positive validation policy. How about:
A DNSSEC validating client SHOULD apply the same validation policy to the A/AAAA meta-query lookup as it does to other queries. A client that does not validate DNSSEC SHOULD apply any policy it has to the A/AAAA meta-query lookup. --Paul Hoffman _______________________________________________ dns-privacy mailing list [email protected] https://www.ietf.org/mailman/listinfo/dns-privacy
