In message <dd056a31a84cfc4ab501bd56d1e14bbb826...@exchange.secure64.com>, "Ste phan Lagerholm" writes: > HI Matthijs, > > I like this draft but I'm a little bit concerned about the scalability. > How will a busy parent provision a unique secret key for each of the > child? And how will this key be transported between the parent and the > child in a secure way?
How are NS records passed to the parent in a secure manner today? If a parent can accept the volume of NS records required to delegate it can generate keys just as fast and send them back over the same channel. There is no scaling issue here. > Thanks, Stephan > ---------------------------------------------------------------------- > Stephan Lagerholm > Senior DNS Architect, M.Sc. ,CISSP > Secure64 Software Corporation, www.secure64.com > Cell: 469-834-3940 -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
