[nsd-users] wildcard+ANY validation issue between NSD and Unbound

Miek Gieben miek at miek.nl
Fri Feb 24 13:28:13 UTC 2012

[ Quoting <peter.van.dijk at netherlabs> at 13:12 on Feb 24 in "[nsd-users] wildcard..." ]
> RFC4035 appears not to cover the interaction between ANY and NSEC at
> all.

That's because ANY has been loosly defined (I'm not sure there is a written
down definition) as give me the records you've got. In case you hit a
cache with an ANY query there is no guarantee what so ever that it should
all validate. I think that even for authoritative servers you can pretty
much do what you want if it receives a QTYPE = ANY.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: Digital signature
URL: <http://lists.nlnetlabs.nl/pipermail/nsd-users/attachments/20120224/31ef1da4/attachment.bin>

More information about the nsd-users mailing list