If an insecure delegation can be made in the root, then could a local trust anchor be used by those who want their .homenet domain DNSSEC validated? That seems easier than sharing keys or creating subdomains with nsupdate. But I don't know much about trust anchors.
-- Bob Harold
_______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
