I wanted to confirm the way Let's Encrypt client validates cert TXT files. In a scenario where there are 6 Name Servers available, should we see queries for ALL of them in order to get a successful validation?
I got a aware of a scenario where this happens and wondering whether that's RFC compliant:
https://www.ietf.org/rfc/rfc1034.txt
5.3.3. Algorithm
The top level algorithm has four steps:
1. See if the answer is in local information, and if so return
it to the client.
2. Find the best servers to ask.
3. Send them queries until one returns a response.
4. Analyze the response, either:
a. if the response answers the question or contains a name
error, cache the data as well as returning it back to
the client.
b. if the response contains a better delegation to other
servers, cache the delegation information, and go to
step 2.
c. if the response shows a CNAME and that is not the
answer itself, cache the CNAME, change the SNAME to the
canonical name in the CNAME RR and go to step 1.
d. if the response shows a servers failure or other
bizarre contents, delete the server from the SLIST and
go back to step 3.
From the above, we would expect the queries to be routed to one NS and if it isn't working, route the request to other NS, until we get a response.
Any information about this would be highly appreciated.