On Jul 27, 2009, at 10:37 AM, Olafur Gudmundsson wrote:
At 00:56 27/07/2009, venkatesh.bs wrote:Hi all,I have one query regarding DNS cache maintaince in dns resolver, Whether DNS Cache should be based on per server address or based on FQDN only.DNS caches MUST cache by the holy DNS Trinity: Query Name, Query Type, Query Class
DNSSEC aware caches the cache should remember the setting of the DO bit in the answer.
The what? What makes you think that the DO bit in the *answer* means anything?
From dnssec-bis-updates, section 4.5:To be clear, in replies to queries with the DO-bit set servers may or may not set the DO bit. DNSSEC-aware caches do need to retain whether or not a particular cache entry was an answer to a DO=1 *query*. In practice they do this by setting DO=1 on all queries.
-- David Blacka <[email protected]> Sr. Engineer VeriSign Platform Product Development
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ DNSOP mailing list [email protected] https://www.ietf.org/mailman/listinfo/dnsop
