On 03-02-2021 20:31, Paul Hoffman wrote:
> For each of these, I'd recommend specifying what a client does in each of the
> cases, rather than weasel wording the SHOULD with respect to the zone contents
> to turn this into an implementable protocol.
>
> Here, I agree that the draft is unclear. It should say explicitly "resolvers keep
> doing $z, there is no change here". Also, for the text about authoritative servers,
> I agree with changing the SHOULDs from the current standards to MUSTs.

Changing this to MUST means that every time a zone changes its SOA TTL
or SOA MINIMUM value, the whole chain of NSEC/NSEC3 records needs to be
updated accordingly immediately. That may be undesirable for a large zone.
BIND for example would make such a change incrementally, so there may be
a period of time where the NSEC/NSEC3 records still have the TTL of the
previous SOA TTL/MINIMUM value. With a SHOULD keyword we can keep this
behavior. With a MUST less so, I think.
So I am against changing these SHOULDs to MUSTs.
Best regards,
Matthijs
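
Added example, not part of the message above and not BIND's code: a small audit that lists which NSEC/NSEC3 records in a zone still carry an old TTL while an incremental update is in progress. It assumes the expected TTL is the lesser of the SOA TTL and the SOA MINIMUM field (the message only says "SOA TTL/MINIMUM value"); the zone data and function names are constructed for illustration.

```python
# Constructed sample: a zone part-way through an incremental re-sign after
# SOA MINIMUM was lowered from 3600 to 300. Not data from the thread.
ZONE = """\
example.   3600 IN SOA  ns1.example. hostmaster.example. 2021020301 7200 900 1209600 300
example.   300  IN NSEC a.example. NS SOA RRSIG NSEC DNSKEY
a.example. 300  IN NSEC m.example. A RRSIG NSEC
m.example. 3600 IN NSEC z.example. A RRSIG NSEC   ; not yet updated
z.example. 3600 IN NSEC example. A RRSIG NSEC     ; not yet updated
"""

def parse(zone_text):
    """Yield (owner, ttl, rtype, rdata) from 'owner ttl IN type rdata...' lines."""
    for raw in zone_text.splitlines():
        line = raw.split(";", 1)[0].strip()   # drop comments
        if not line:
            continue
        fields = line.split()
        if len(fields) < 4 or fields[2].upper() != "IN":
            raise ValueError(f"unsupported record syntax: {raw!r}")
        yield fields[0].lower(), int(fields[1]), fields[3].upper(), fields[4:]

def expected_nsec_ttl(records):
    """Assumed rule: min(SOA TTL, SOA MINIMUM). MINIMUM is the 7th SOA rdata field."""
    soas = [r for r in records if r[2] == "SOA"]
    if len(soas) != 1:
        raise ValueError("expected exactly one SOA record")
    _, soa_ttl, _, rdata = soas[0]
    return min(soa_ttl, int(rdata[6]))

def audit(zone_text):
    """Return (expected_ttl, [(owner, type, ttl, verdict), ...]) for mismatches."""
    records = list(parse(zone_text))
    want = expected_nsec_ttl(records)
    findings = []
    for owner, ttl, rtype, _ in records:
        if rtype in ("NSEC", "NSEC3") and ttl != want:
            # A longer TTL lets a validating cache keep the denial longer
            # than the SOA now intends; a shorter one only costs queries.
            findings.append((owner, rtype, ttl, "too-long" if ttl > want else "too-short"))
    return want, findings

if __name__ == "__main__":
    want, findings = audit(ZONE)
    print(f"expected NSEC/NSEC3 TTL: {want}")
    for owner, rtype, ttl, verdict in findings:
        print(f"{owner} {rtype} ttl={ttl} {verdict}")
```

Run against a zone transfer before and after an SOA change, the shrinking list of findings shows how long the mixed-TTL window lasts.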