Q1) Suppose a security-aware caching resolver receives DNS RRset at time t0 with signatures on it which expire at time t1 (where t0 < t1), and the RRset's TTL is n. According to DNS, RRsets must be cached for duration of TTL and then discarded. What must a security aware resolver do if t0 + n > t1?