On Feb 28, 2024, at 13:25, Mark Andrews <ma...@isc.org> wrote: > The point of forbidding is to allow the validator to safely stop as soon as > possible when it is under attack.
If that is the point, why not just document that a validator is allowed to do that, such as if it sees three matching keytags? That seems much more direct. --Paul Hoffman _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
