Jim Reid <[email protected]> wrote: > On 11 Apr 2012, at 15:48, Shane Kerr wrote: > > > Disabling DNSSEC validation for broken domains seems completely > > rational, at least for some types of brokenness. > > +1
I agree, and this is what the draft says. I suppose this sub-argument is over where to draw the line, which indicates to me that the draft should not go into detail about policy since this will depend a lot on the relative bloody-mindedness of operators and their user bases. Tony. -- f.anthony.n.finch <[email protected]> http://dotat.at/ Shannon, Southwest Rockall: Northwesterly 5 or 6. Rough or very rough. Rain or showers. Moderate or good. _______________________________________________ DNSOP mailing list [email protected] https://www.ietf.org/mailman/listinfo/dnsop
