On 2013-11-25, at 10:42, Ted Lemon <ted(_dot_)lemon(_at_)nominum(_dot_)com>
wrote:
On Nov 25, 2013, at 10:38 AM, Joe Abley <jabley(_at_)hopcount(_dot_)ca> wrote:
Isn't this at least part of the motivation behind DANE?
(I realise DANE requires moving parts in the client and signatures in the
published zone, but it seems odd that it hasn't been mentioned.)
Is the DNSSEC root key secure against National Security Letters?
I don't know. Sounds like a good question to ask ICANN.
Joe
signature.asc
Description: Message signed with OpenPGP using GPGMail