To give an example of a user, Let's Encrypt are currently the unbound option of harden-below-nxdomain (https://community.letsencrypt.org/t/minor-dnssec-validation-change/246329) which implements RFC 8020 for DNSSEC signed domains.

On 18/06/2026 22:59, John R Levine wrote:
On Thu, 18 Jun 2026, Olafur Gudmundsson wrote:
In the 10 years that “X lies” have been in use there has only been minimal set of complaints all all of them from end-user tools, no complaints about behavior of resolvers or forwarders, as they only care about one thing:
“Does the record being asked about exist?” full stop.

The existence of the name is a wider scope that only end-user-tools may care about.

You don't know anyone who's using RFC 8020?  I'm not snarking, it's a real question.

R's,
John

PS: THe urge is great to subit an erratum for 8020 which replaces the entire text sith "just kidding."

PS: There was another copy of this email sent from an address that can't send mail to the IETF, please disregard it.

_______________________________________________
DNSOP mailing list -- [email protected]
To unsubscribe send an email to [email protected]

Reply via email to