upvote
Cloudflare is well known for breaking DNS standards whenever they feel like it; they’re too big to ignore, so they get away with murder.
reply
So you’re cool with letting anyone walk your DNS?
reply
The problem here is that computing three 3 NSEC3 records as you might need to return an NXDOMAIN was considered too expensive. It's just a choice to reduce their costs while increasing complexity for everyone else.
reply