At 12:24 PM +0100 9/10/10, Stephen Morris wrote:

>1. Is the situation addressed by the draft - that of a validator that has been
>offline or that has missed an (emergency) rollover needing to reconfigure
>itself - a problem that needs to be solved?

Yes, mostly for the former case. A subset of the "has been offline" problem is distros that come with trust anchors that are installed after one of the trust anchors has expired. That's like being offline since the distro was burned into an ISO.

>2. If the answer to (1) is yes, is the idea of using DNS the best way to do it?

Maybe, but I agree with the folks who said "but not by using keys that should have been discarded". A possibly better (and much simpler) way to do this is to somehow associate a long-lived secure URL (such as using the https: scheme) that leads to the repository of current trust anchors. This requires that the DNS server have a separate pile of trust anchors for the non-DNS scheme, and those keys need to be valid for longer than the DNS trust anchors that are expiring, of course.

--Paul Hoffman, Director
--VPN Consortium

_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop
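The refresh mechanism sketched in the message above, modelled as an added Python example (this is not code from the thread, from Paul Hoffman, or from any DNSOP draft). It assumes three things that the mail leaves open: the repository document is a JSON list of anchors with validity dates; the "separate pile" of repository keys is modelled with an HMAC secret standing in for a real signature key; and the HTTPS fetch is replaced by a local function returning a constructed document, so the block runs offline. The point it shows is the two checks the mail implies: expired DNS anchors are never used to validate anything, and the repository keys must outlive the DNS anchors they are meant to replace.

```python
"""Model of a validator whose configured DNS trust anchors have all expired
(the "burned into an ISO" case) and which refreshes them from a long-lived
https: repository vouched for by a separate, longer-lived set of keys.
All names, formats and sample values here are constructed for illustration."""
from dataclasses import dataclass
from datetime import date
import hashlib
import hmac
import json


@dataclass(frozen=True)
class TrustAnchor:
    """A DNS trust anchor with the validity window the validator was told about."""
    key_tag: int
    valid_from: date
    valid_until: date

    def is_valid_on(self, day: date) -> bool:
        return self.valid_from <= day <= self.valid_until


@dataclass(frozen=True)
class RepoKey:
    """A key from the separate pile that vouches for the repository document.
    An HMAC secret stands in for a real signing key (assumption for the model)."""
    key_id: str
    secret: bytes
    valid_until: date


def usable_anchors(anchors, today: date):
    """Only anchors inside their validity window may be used; expired ones are discarded,
    never kept around as a fallback."""
    return [a for a in anchors if a.is_valid_on(today)]


def repo_keys_outlive_anchors(anchors, repo_keys) -> bool:
    """Invariant from the mail: repository keys must stay valid longer than the
    DNS anchors they are meant to replace."""
    return max(a.valid_until for a in anchors) < min(k.valid_until for k in repo_keys)


def parse_repository_document(doc: bytes, sig: bytes, key_id: str, repo_keys, today: date):
    """Authenticate the fetched document with a still-valid repository key, then parse it.
    Returns None if the key is unknown, expired, or the signature does not match."""
    key = next((k for k in repo_keys if k.key_id == key_id), None)
    if key is None or key.valid_until < today:
        return None
    expected = hmac.new(key.secret, doc, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, sig):
        return None
    return [TrustAnchor(e["key_tag"], date.fromisoformat(e["valid_from"]),
                        date.fromisoformat(e["valid_until"]))
            for e in json.loads(doc)]


def refresh_if_needed(configured, repo_keys, fetch, today: date):
    """Use configured anchors while any is valid; otherwise fetch from the long-lived URL.
    Returns (anchors_to_use, refreshed_flag)."""
    live = usable_anchors(configured, today)
    if live:
        return live, False
    doc, sig, key_id = fetch()  # stands in for an HTTPS GET of the long-lived URL
    fresh = parse_repository_document(doc, sig, key_id, repo_keys, today)
    if fresh is None:
        raise RuntimeError("repository document could not be authenticated")
    return usable_anchors(fresh, today), True


# --- constructed scenario: the date of the mail, a stale ISO, a current repository ---
TODAY = date(2010, 9, 10)
REPO_KEY = RepoKey("repo-key-1", b"constructed-repository-secret", date(2015, 1, 1))
STALE_ANCHOR = TrustAnchor(1001, date(2009, 1, 1), date(2010, 7, 1))  # baked into the ISO
CURRENT_DOC = json.dumps(
    [{"key_tag": 2002, "valid_from": "2010-06-01", "valid_until": "2012-06-01"}]).encode()
CURRENT_SIG = hmac.new(REPO_KEY.secret, CURRENT_DOC, hashlib.sha256).digest()


def fetch_current_anchors():
    return CURRENT_DOC, CURRENT_SIG, REPO_KEY.key_id


def fetch_tampered():
    # Same signature over a modified document: must be rejected.
    return CURRENT_DOC + b" ", CURRENT_SIG, REPO_KEY.key_id


def demo(today: date = TODAY):
    anchors, refreshed = refresh_if_needed([STALE_ANCHOR], [REPO_KEY], fetch_current_anchors, today)
    return [a.key_tag for a in anchors], refreshed


def demo_tampered(today: date = TODAY) -> bool:
    """True if the tampered document was rejected."""
    try:
        refresh_if_needed([STALE_ANCHOR], [REPO_KEY], fetch_tampered, today)
    except RuntimeError:
        return True
    return False


if __name__ == "__main__":
    print(demo(), demo_tampered(), repo_keys_outlive_anchors([STALE_ANCHOR], [REPO_KEY]))
```

Run as a script it shows the stale anchor being replaced by the repository's current one, the tampered document being refused, and the lifetime invariant holding for the constructed keys. In a real deployment the HMAC would be a public-key signature and the repository keys would be pinned separately from the DNS anchors, which is exactly the "separate pile" the mail calls for.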