16 Feb
2007
16 Feb
'07
12:05 p.m.
On Fri, Feb 16, 2007 at 10:29:41AM +0000, Lutz Donnerhacke <lutz@iks-jena.de> wrote a message of 20 lines which said:
Of course, it's a slightly modified bind. What's wrong with using the NSEC data for negative caching?
RFC 4035, "4.5. Response Caching" In theory, a resolver could use wildcards or NSEC RRs to generate positive and negative responses (respectively) until the TTL or signatures on the records in question expire. However, it seems prudent for resolvers to avoid blocking new authoritative data or synthesizing new data on their own. Resolvers that follow this recommendation will have a more consistent view of the namespace.