At 13:17 -0400 9/14/10, Joe Abley wrote:
As I've mentioned before, the problem I have with trust-history is that it involves using old keys to make trust decisions about new keys. It is difficult to believe in the general case that old keys are entirely trustworthy. Presumably keys are rolled for a reason.
Double ditto. (The "I've mentioned before" part as well as "old keys to make trust decisions about new keys.")
I discourage anyone caching any information that appears in any of my managed zones for longer than it's TTL.
-- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Edward Lewis NeuStar You can leave a voice message at +1-571-434-5468 Spouses, like Internet protocols, lack necessary troubleshooting tools. Sigh. _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
