[drifting off topic]
> On Oct 2, 2024, at 00:10, Paul Vixie <[email protected]> > wrote: > > > > > i would not. much of the world now relies upon inauthentic dns responses for > defense against bad actors. that's a limitation of RPZ. Years ago I proposed to move the Answer to the Authority section so you can filter AND provide the data for dnssec validation. I even proposed to write a bis doc, but the authors/ISE left the rpz doc as a draft, leaving a potential bis doc in limbo. Paul _______________________________________________ DNSOP mailing list -- [email protected] To unsubscribe send an email to [email protected]
