John Levine wrote:
... I'm guessing that it's intended to mean return the answer if you already have it. If so, we should document that. I see that unbound makes it an option but normally refuses any RD=0 queries.
it's a diagnostic query, like qtype=ANY, or qtype=NS. answering it should be privileged in some way, since it's an information leak that does not help the rdns operator in any way, but may help an attacker.
-- P Vixie _______________________________________________ DNSOP mailing list [email protected] https://www.ietf.org/mailman/listinfo/dnsop
