Ted Lemon wrote: ....
I will freely admit that this is not clear-cut, but that's really my point. I believe that it is wrong to advance a DHCP-based solution without consensus that we prefer the second trust model, and I don't think such a consensus is attainable. Pursuing a DHCP-based solution without that consensus is simply a way of bypassing the consensus process, in the sense of deciding that there is no need to get consensus on which trust model we prefer before choosing a trust model.
there hasn't been, is not, and won't be, consensus on a trust model. as in your enumeration, some trust models are incompatible with others and cannot be in any way mixed. i think the protocols should support what people are trying to do, and that means no single overarching trust model.
-- P Vixie _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
