On 22 Aug 2013 at 14:37, Joe Abley wrote: > If we accept that logic, then the pertinent questions is whether or > not NTAs should be standardised (in a protocol or operational > sense). I think the answer is yes. So do others. Some don't see > value in it, but that's fine; nobody is *requiring* anybody to > implement anything.
If they are made a part of the standard, then the various DNS implementations will be expected (reasonably) to implement them. And they then become a standard operational tool, making DNSSEC little better than the current certificate process. If recursive, caching nameserver operators have to roll their own implementation to achieve the goal, it keeps NTAs contained. Sure, some people will go to that trouble, but unless they have a well-defined reason to do so, most won't. Scott _______________________________________________ dns-operations mailing list dns-operations@lists.dns-oarc.net https://lists.dns-oarc.net/mailman/listinfo/dns-operations dns-jobs mailing list https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
