RFC Errata
RFC 8945, "Secret Key Transaction Authentication for DNS (TSIG)", November 2020
Source of RFC: dnsop (ops)See Also: RFC 8945 w/ inline errata
Errata ID: 7983
Status: Verified
Type: Editorial
Publication Format(s) : TEXT, PDF, HTML
Reported By: Terts Diepraam
Date Reported: 2024-06-11
Verifier Name: Warren Kumari (Ops AD)
Date Verified: 2024-06-11
Section 5.2 says:
If the TSIG RR cannot be interpreted, the server MUST regard the message as corrupt and return a FORMERR to the server.
It should say:
If the TSIG RR cannot be interpreted, the server MUST regard the message as corrupt and return a FORMERR to the client.
Notes:
Server send an error to the client, not to itself.