Paul Wouters <p...@nohats.ca> writes: > Should item 3. be "if the answer is INSECURE" instead of "If the query > is INSECURE" ?
Good catch, fixed. > And should it be "w/o the DO and AD bit set" instead of "w/o the AD > bit set" ? I think not, because if the DO bit was set and you understand it but need to return non-DNSSEC protected data, I think we should be returning the DO bit but no AD or DNSSEC data. I suppose you could argue that since we can't do DNSSEC we shouldn't say we're DO (DNSSEC) compliant? -- Wes Hardaker Parsons _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop