On Thu, Aug 21, 2014 at 10:52:46AM +1000, Mark Andrews wrote: > It was also a required step as you can't reliably > validate in the client unless the recursive server has filtered out > the spoofed answers.
If I understand you correctly, this devolves to the claim that the validating client has to do its own recursion, lest it trut something without basis. Is that what you're suggesting? I'm not opposed, but let us be clear. A -- Andrew Sullivan [email protected] _______________________________________________ DNSOP mailing list [email protected] https://www.ietf.org/mailman/listinfo/dnsop
