On Thu, 21 Jul 2005, Ned Freed wrote:
Perhaps a little more wiggle room would be OK, but I think it needs to
be stronger than "most likely". I will also point out that your desire
to allow only necessary changes would effectively slam the door on a
switch from DNS-based keying, absent someone making a case that the DNS
cannot be used in practice (unlikely in the extreme).
Its not that it cant, but it may not be best (for dns stability) to use
it in this fashion and it is likely not optimal way for for storing and
retieving public keys where as other options are available and had been
well tested for longer time then DK.
--
William Leibzon
Elan Networks
william(_at_)elan(_dot_)net