On Wed, Nov 2, 2011 at 8:33 PM, Larry Smith <lesmith@ecsis.net> wrote:
On Wed November 2 2011 20:27, Matt Chung wrote:
I assumed that the applications would take absent records into When you mis-place your keys do you only look in one place and then give up? The calling server does not know there is "no" record until it exhausts
If the reverse zone is properly configured, but just the PTR record is missing, you get NXDOMAIN, which is not "you mis-place your keys"; it's "someone told you authoritatively that your keys don't exist", never existed or no longer existed. If you ask where your key ring went, and Frodo Baggins informs you that it doesn't exist, because it was tossed down into a pool of magma on mount doom, and you trust his reply, you stop looking for it. The only way you don't trust a valid DNS reply is if you are implementing DNSSEC, and the "authoritative proof of non-existence" doesn't validate -- -JH