On 12 Feb 2020, at 16:48, Paul Hoffman wrote:

Good call. Would it make both parts clearer if the introduction instead said:

Because the information returned in this protocol only applies to recursive resolvers, servers that are acting as both authoritative servers and recursive resolvers MUST only answer queries that are intended for the recursive resolver portion of the server. Servers that are only authoritative servers MUST NOT answer queries that are defined in this protocol.

It seems strange to me that this significant restriction is mentioned only in the Introduction.

I think that a clearer expression of the first case might be

  any server that can act as both an authoritative server and a recursive
  resolver MUST NOT answer queries that are defined in this protocol
  whenever it is acting as an authoritative server.

If this still seems to leave a contradiction, it may be worthwhile to view the distinction as a property of the transaction, rather than of the "portion of the server". The server, if it receives a query for which it determines that an authoritative answer is appropriate, must not answer as if it were a recursive resolver.

Would it be useful to extend the protocol to include a signal for "Sorry: authoritative here"?

I hope some of this helps.

/Niall

_______________________________________________
DNSOP mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dnsop