[DNSOP] Re: [Ext] [DNSOP]Requesting final comments on draft-ietf-dnsop-rfc8109bis

Willem Toorop Fri, 07 Jun 2024 02:21:12 -0700

Sorry, I noticed my first comment was particularly deformed. Below that first comment corrected into something (hopefully) more readable.


Op 07-06-2024 om 10:33 schreef jab...@strandkip.nl:

More substantially, this section describes a series of vulnerabilities that would be 
mitigated by signing the ROOT-SERVERS.NET<http://root-servers.net/>  zone.

Unfortunately not. A signed root-servers.net zone has the potential to be mitigate those vulnerabilities, but at the time of writing it would have very limited impact (see: https://www.icann.org/en/system/files/files/reduced-risk-redirected-query-traffic-signed-root-name-server-data-22may24-en.pdf )

OpenPGP_0xE5F8F8212F77A498_and_old_rev.asc
Description: OpenPGP public key

OpenPGP_signature.asc
Description: OpenPGP digital signature

_______________________________________________
DNSOP mailing list -- dnsop@ietf.org
To unsubscribe send an email to dnsop-le...@ietf.org

[DNSOP] Re: [Ext] [DNSOP]Requesting final comments on draft-ietf-dnsop-rfc8109bis

Reply via email to