In message <D1E3F194-34AD-4968-8ACE-7E8D7990413B@xxxxxxx>, manning bill writes: > EDNS is essential for the implementation of DNS Security Extensions. > All roots support DNSSEC. > Calling out EDNS0 at this time is moot. Actually there are implementations that do DNSSEC fine but botch EDNS. We have drafts coming through the IETF that expect full EDNS version 0 compliance to work without having to do gross hacks like dealing with incorrectly returned FORMERR, BADVERS and queries being dropped because they happen to try to use a extension. The current root servers get this right. This is about preventing things going wrong in the future. It is also about TLDs and others that use the root server requirements as a basis for their requirements. Mark > (I'll say that 2870bis is on thin ice, since the IETF/IAB have no > leverage on root server operators. This community can pontificate at > length, but the actual operations will > dictate, not some wish list from an "arms-length" standards body... > Just sayin') > > /bill > PO Box 12317 > Marina del Rey, CA 90295 > 310.322.8102 -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: marka@xxxxxxx