On Jun 2, 2011, at 5:23 AM, Richard Lamb wrote: > I still think, stale or not, having some idea of what the zone's policy is > regarding signature updates would be useful.
I'll admit a vague, unsubstantiated feeling of ill-ease about this. Would publishing this policy provide information of benefit to potential attackers? On the other hand, pragmatically speaking, I suspect signature expiration will be causing more damage to the DNS than potential attackers... Regards, -drc _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
