only the response has aa flag can be cached?

[Kevin Darcy]

On 1/11/2011 11:40 PM, pyh at mail.nsbeta.info wrote:
>> These triggered the release of 9.7.2-P1
>> when we were rejecting these after tightening the response processing
>> to treat glue to answer responses as referrals to address the issue
>> of named return glue records from the parent zones rather than the
>> actual answers in the child zones. 
>
> Sorry I'm not the english speaking people.
> What does this statement mean?

To be honest, I'm not sure.

I think the gist is that one may see different AA=0 or AA=1 behavior 
from a BIND resolver, even on data originating from authoritative 
nameservers, depending on how broken those authoritative nameservers 
are, and what version of BIND is in effect. Also, answers from cached 
data will be AA=0. So the bottom line: the AA flag can't really be 
relied upon by an end-resolver so any caching decision made based on its 
setting would be foolish.

                                                                         
                                                                         
                                 - Kevin