On May 3, 2025, at 7:07 AM, Philip Homburg <[email protected]> wrote: > The problem starts when a standards track document promotes a name that > does not exist for some purposes.
Like: RFC 2605 RFC 7686 RFC 9476 ...? I don’t think this has been or is the problem. I believe the problem starts when users want to make particular assumptions about names that do not exist (e.g., they should be looked up in some non-DNS system, they are for internal use, etc.) > That's a situation that requires careful handling. Either by not having > such a document in the first place or by making sure that the name > that does not exist can be used safely without manual configuration on > any end-user device that happens to include a DNSSEC validator. As Paul points out, this suggests a need for documentation on how an end-user device that happens to include a DNSSEC validator should behave in the face of names that do not exist for some purpose. Regards, -drc
signature.asc
Description: OpenPGP digital signature
_______________________________________________ DNSOP mailing list -- [email protected] To unsubscribe send an email to [email protected]
