Re: Who does this really affect, its hard to tell....
I suspect it only affects DNS resolvers running on ISP servers, and individual users won't be affected at all, even when you're running an ancient version of windows...
In order to state the query as 'authoritative' you'll need that key stuff mentioned in RFC 8145 is for the conversation between the 'resolver' (running on the client) and the server, using DNSSEC. I don't believe that DNSSEC is actually _REQUIRED_ though, and older servers should still work.
I would expect older clients NOT using DNSSEC to work just fine, also.
If you're trying to resolve the queries yourself, and NOT use an ISP server for DNS, then maybe this will affect you. Or not.
If you're using a forwarding server or cacheing server from your ISP (or 8.8.8.8 for google's DNS server) then I'd expect it to work just fine and not break anything.
but worst case you could temporarily turn off DNSSEC [though I doubt it would be necessary]
The question here is MOST likely what the ISP cacheing servers will be doing, and whether those would all need to be updated. And yeah, it could cause a BIG problem if they can't resolve DNS queries any more...
Biting the hand that feeds IT
