On Fri, Apr 13, 2018 at 05:35:14PM +0000, Evan Hunt wrote:
> On Sat, Apr 14, 2018 at 01:13:30AM +0800, Mukund Sivaraman wrote:
> > On Fri, Apr 13, 2018 at 04:31:35PM +0000, Evan Hunt wrote:
> > > I could have sworn there was an RFC published several years ago concerning
> > > the prevention of cache poisoning, which specified that resolvers had to
> > > ignore out of zone CNAMEs and re-query, but I can't find it now. Poor
> > > google skills, or did I dream the whole thing?
> > RFC 2181
> That was a "should", not a MUST. I thought I remembered something that
> upgraded it to MUST, but I can't find it now.
Nod, RFC 2181 doesn't use RFC 2119/8174 keywords, so the "should" there
doesn't have a pointy meaning.
DNSOP mailing list