>
>
>> 6. IANA Considerations
>
> " TODO: This document requires IANA actions (new RR type)."
>
> What new RR type is needed? Looks to me like all standard RR's.
>
> Thanks Bob!
My mistake, this is a left over from copy/pasta. I removed it from master.
Manu
--
> Bob Harold
>
>
On Mon, Mar 11, 2019 at 12:21 PM manu tman wrote:
> Hi all,
>
> I have captured in a draft the mechanism I used during IETF 103 hackathon
> and which is available aan experimental module in knot-resolver[0]. I was
> taken short with time before cit-off date, but I hope this will better
> explain
manu tman:
What I meant is roughly around the line of
https://tools.ietf.org/html/draft-bortzmeyer-dprive-resolver-to-auth-01#section-2
. e.g if you operate a resolver in strict mode, and DoT fails (connection
to port 853, fail to validate SPKI) while the name of the name server
indicates
Thanks Andreas,
> what's the reason for "In opportunistic mode, the resolver MUST use the
authoritative name server despite the failure." ?
> A server operator can't distinguish between a resolver in strict mode an
a resolver in opportunistic mode TOGETHER with a failure (on server side?)
> An
Am 11.03.19 um 17:20 schrieb manu tman:
> I have captured in a draft the mechanism I used during IETF 103 hackathon and
> which is available aan experimental module in knot-resolver[0].
> I was taken short with time before cit-off date, but I hope this will better
> explain how it works.