DNSSEC mailing list

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: dnssec@cafax.se
From: Peter Koch <pk@TechFak.Uni-Bielefeld.DE>
Date: Thu, 13 May 2004 16:17:24 +0200
Content-ID: <13898.1084457842.1@grimsvotn.TechFak.Uni-Bielefeld.DE>
In-reply-to: Your message of "Thu, 13 May 2004 14:57:43 +0200." <20040513125743.GB5845@atoom.net>
Sender: owner-dnssec@cafax.se
Subject: Re: dnssec: resolver - application communication

Miek Gieben <miekg@atoom.net> wrote:

> SERVFAIL -> requery with CD=1 -> SERVFAIL -> "real" SERVFAIL
> SERVFAIL -> requery with CD=1 -> answer   -> "NOTVAL"
> 
> So: receiving two SERVFAILS signals something really broken, and
> receiving one SERVFAIL signal a NOTVAL. I don't see why:

in practice (i.e. without DNSSEC) there are corner cases where subsequent
queries result in exactly that: first earns SERVFAIL, second gets the answer.
So, if the difference between SERVFAIL and "NOTVAL" really matters, a third
query may be necessary.
There's another case with an "overloaded" error code (NOERROR/NODATA)
and quite some people who believe that's not too clean.

-Peter

References:
- Re: dnssec: resolver - application communication
  - From: Miek Gieben <miekg@atoom.net>

Prev by Date: Re: dnssec: resolver - application communication
Next by Date: Re: dnssec: resolver - application communication
Prev by thread: Re: dnssec: resolver - application communication
Next by thread: Re: dnssec: resolver - application communication
Index(es):
- Date
- Thread

Home | Date list | Subject list