The following errata report has been submitted for RFC8906, "A Common Operational Problem in DNS Servers: Failure to Communicate".
-------------------------------------- You may review the report below and at: https://www.rfc-editor.org/errata/eid7689 -------------------------------------- Type: Editorial Reported by: Josh Soref <[email protected]> Section: 8.2.8 Original Text ------------- expect: DO=1 to be present if an RRSIG is in the response Corrected Text -------------- expect: flag: do to be present if ... Notes ----- The same section has `expect: flag: aa to be present`, and when running the suggested command, no `DO=1` is shown, which makes the advice unhelpful. Sample command: ``` $ dig +nocookie +edns=0 +noad +norec +dnssec soa $zone @$server ; <<>> DiG 9.16.44-Debian <<>> +nocookie +edns +noad +norec +dnssec soa powerdns.com @2600:3c03::f03c:91ff:fe55:e54d ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 45268 ;; flags: qr; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags: do; udp: 1232 ;; QUESTION SECTION: ;powerdns.com. IN SOA ;; Query time: 0 msec ;; SERVER: 2600:3c03::f03c:91ff:fe55:e54d#53(2600:3c03::f03c:91ff:fe55:e54d) ;; WHEN: Thu Oct 26 22:26:44 UTC 2023 ;; MSG SIZE rcvd: 41 ``` Instructions: ------------- This erratum is currently posted as "Reported". (If it is spam, it will be removed shortly by the RFC Production Center.) Please use "Reply All" to discuss whether it should be verified or rejected. When a decision is reached, the verifying party will log in to change the status and edit the report, if necessary. -------------------------------------- RFC8906 (draft-ietf-dnsop-no-response-issue-23) -------------------------------------- Title : A Common Operational Problem in DNS Servers: Failure to Communicate Publication Date : September 2020 Author(s) : M. Andrews, R. Bellis Category : BEST CURRENT PRACTICE Source : Domain Name System Operations Area : Operations and Management Stream : IETF Verifying Party : IESG _______________________________________________ DNSOP mailing list [email protected] https://www.ietf.org/mailman/listinfo/dnsop
