ietf
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Last Call: draft-weiler-dnssec-dlv-iana (DNSSEC Lookaside Validation (DLV) IANA Registry) to Informational RFC

2007-08-23 20:18:09
from [Geoff Huston] [Permanent Link]
- in the absence of full signing of the DNS from the root down, just how many DLV spots must a resolver look in? It seems that proliferation of DLV lookup points is no better (and arguably much worse) than the original problem of piecemeal DNSSEC deployment - that of key hunting. 

        Hopefully only one.  You would use IANA's one if you want
        to see what the world would be like if the root is signed.
        You would use ISC's (or similar) if you want to work around
        missing links in the chains of trust.
But that's not one - that's *two* already - and we've really not even begun to have fun with DLVs yet! 


  Geoff


_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/ietf
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: The Internet 2.0 box Was: IPv6 addresses really are scarce after all, Noel Chiappa
Next by Date:  Re: The Internet 2.0 box Was: IPv6 addresses really are scarce after all, Jun-ichiro itojun Hagino
Previous by Thread:  Re: Last Call: draft-weiler-dnssec-dlv-iana (DNSSEC Lookaside Validation (DLV) IANA Registry) to Informational RFC, Mark Andrews
Next by Thread:  Re: Last Call: draft-weiler-dnssec-dlv-iana (DNSSEC Lookaside Validation (DLV) IANA Registry) to Informational RFC, David Kessens
Indexes:  [Date] [Thread] [Top] [All Lists]