On Wed, 18 Jul 2012, Olaf Kolkman wrote:
If you talk about registrant registrar interaction then your DNSSEC authentication mechanism should be as strong as your non-DNSSEC authentication mechanism.
And if you want to comply to FIPS-140, then ensure the channel security through which you send/protect your key material is at least as strong as the security of the key material transported within that channel. Paul _______________________________________________ dns-operations mailing list dns-operations@lists.dns-oarc.net https://lists.dns-oarc.net/mailman/listinfo/dns-operations dns-jobs mailing list https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
