On Thu, Nov 09, 2017 at 03:48:26PM +0100, Petr Špaček wrote: > Nice write-up Edward! You have nicely summarized why Mark and me agree > that validator should use longest suffix match when selecting TA to > validate data.
+1. > Things might get even more complicated when negative trust anchors are > configured, bleh. Fortuantely a negative trust anchor is a longest suffix match too. -- Evan Hunt -- e...@isc.org Internet Systems Consortium, Inc. _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
