> On Apr 21, 2021, at 4:39 PM, Wessels, Duane > <dwessels=40verisign....@dmarc.ietf.org> wrote: > >> 2.2: >> >> DNSSEC originally specified in [RFC2541] >> >> I thought this should be RFC 2535 rather than the operational guidelines? > > Sure, 2535 works for me. >
Oops, correcting myself here. It needs to be RFC 2541 because that is the one that mentions TCP. The text has been updated like this: and the second was the set of extensions collectively known as DNSSEC, whose operational considerations are originally given in [RFC2541]. ... while the latter warned "... larger keys increase the size of KEY and SIG RRs. This increases the chance of DNS UDP packet overflow and the possible necessity for using higher overhead TCP in responses." DW
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop