On Fri, Sep 23, 2016 at 07:57:26PM +0000, Viktor Dukhovni <[email protected]> wrote a message of 73 lines which said:
> This would I believe cause problems if one then concludes that the > subtree below the QNAME is absent. For the record, I agree with Robert Edmonds: this case is well covered in the current draft-ietf-dnsop-nxdomain-cut-05, with the concept of "denied name" (which is often, but not always, the QNAME). > So the NXDOMAIN for "truth" in the first query definitely does not > preclude a "stranger" subtree under "truth". It only attests to the > non-existence of "fiction". > > IIRC, reading a long-ago discussion on this topic, Paul Vixie, for > one, seemed to say that the first NXDOMAIN response is not only > acceptable, but is in fact the more correct choice. Yes, and it has been settled some time ago, with RFC 6604. _______________________________________________ DNSOP mailing list [email protected] https://www.ietf.org/mailman/listinfo/dnsop
