On 15/12/2016 16:57, Bob Harold wrote: > If an insecure delegation can be made in the root, then could a local > trust anchor be used by those who want their .homenet domain DNSSEC > validated?
That's what I would have expected to happen. > That seems easier than sharing keys or creating subdomains with > nsupdate. But I don't know much about trust anchors. Shared keys would be a nightmare. Ray _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
