DNSSEC protocol update 2
OPT-IN
- Made some problems in the implementation of DNSSEC more obvious
- Caching of NXT data
- MUST be cached as a property of QNAME/QCLASS/QTYPEotherwise overlapping NXTs may occur.
- wildcard handling
- bind9.3s20020722 almost does what it’s supposed to do.
- Number of open issues OPT-IN need clarifying
- Impact on authoritative servers and caching servers such as memory usage.
- The meaning of the AD bit in an OPT-IN response