In article <b4f27495-aa1e-44b3-b0de-c228e0edc...@icann.org> you write: >> Can you unpack what you mean by this? I assume you don't mean that we >> should provide a mechanism whereby >network operators can automatically override DNSSEC trust anchors! > >For names that are only available within a trusted network, yes I really mean >that.
I agree with the sentiment, but when I'm writing my DNS validator, how do I tell the names that are only available within the network from the outside ones that the network operator is spoofing? R's, John _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
