In message <cahw9_ildgnkmervovhhj41fswm6+5yj0tdxrsj17kdhzqty...@mail.gmail.com> , Warren Kumari writes: > > ... and Mark Andrews, Paul Hofmann, Paul Wouters, myself and a few others > (who I embarrassing enough have forgotten) are planning on writing a "zone > signature" draft (I have an initial version in an edit buffet). The 50,000 > meter view is: > Sort all the records in canonical order (including glue) > Cryptographicly sign this > Stuff the signature in a record > > This allows you to verify that you have the full and complete zone (.de...) > and that it didn't get corrupted in transfer. > This solves a different, but related issue. > > Hope to finally get off my butt and post -00 soon. > > W
Which is similar to RFC 2065, 4.1.3 Zone Transfer (AXFR) SIG except dynamic updates would update the record and it would be in the zone. Mark -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org _______________________________________________ dns-operations mailing list dns-operations@lists.dns-oarc.net https://lists.dns-oarc.net/mailman/listinfo/dns-operations dns-jobs mailing list https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
