Extended DNS Errors proposal
bortzmeyer at nic.fr
Mon Mar 18 13:11:48 UTC 2019
On Mon, Mar 18, 2019 at 12:47:36PM +0000,
Nick via Unbound-users <unbound-users at nlnetlabs.nl> wrote
a message of 33 lines which said:
> For some client requests we would like to insist on DNSSEC, and
> others I would like to understand if DNSSEC failed, but still retain
> the option to get a result from the DNS lookup.
Clearly, DNS Extended Error is exactly what you want. Your use-case is
quite common. But DNS Extended Error is not yet a RFC and not yet
implemented (see my message about the IETF hackathon).
If you control the client application, getdns <https://getdnsapi.net/> may
More information about the Unbound-users