On Thu, 31 Jul 2014, John Gilmore wrote:

The challenge is that TLDs are *intended* to roll over their keys,
so there will always be some discrepancies between keys frozen in
a resolver software package from a few months or years ago, versus
the keys used on the live Internet.  That's why we have root keys:
to authenticate the changes in the TLD keys.

So if the root says, "This new TLD key is valid", yet it doesn't match
the local database, is it an attack, or a key rollover?  What does the
software do?  What does the user do?

So, there are ways to detect key rollover / key compromise.  But
unless you think of something useful to do at that point, there is
little reason to do that work.

That's what transparency for DNSSEC, which is being discussed in
the trans working group now, is about. It's still in the preliminary stages, and
likely will take a back seat to the more urgent certificate transparency,
which needs an audit log much more than DNSSEC.

Paul
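The question in the quoted mail ("is it an attack, or a key rollover?") comes down to what a resolver with frozen TLD keys can decide once the root has vouched for a DS record. The following is an added example, not code from either mail: it builds the RFC 4034/4509 DS digest (SHA-256 over the canonical owner name and DNSKEY RDATA) and sorts an observed DNSKEY into "known", "rollover" (new key, but the root-signed DS set covers it) or "mismatch" (neither the local pins nor the root vouch for it). The DNSKEY values are constructed, and the root DS RRset is assumed to have already been RRSIG-validated elsewhere.

```python
import hashlib
from dataclasses import dataclass


@dataclass(frozen=True)
class DNSKEY:
    owner: str         # zone apex, e.g. "example."
    flags: int         # 257 = KSK with the SEP bit set
    protocol: int      # always 3 for DNSSEC (RFC 4034)
    algorithm: int     # e.g. 13 = ECDSAP256SHA256
    public_key: bytes  # raw key material as carried in RDATA

    def rdata(self) -> bytes:
        """DNSKEY RDATA: flags(2) | protocol(1) | algorithm(1) | public key."""
        return (self.flags.to_bytes(2, "big")
                + bytes([self.protocol, self.algorithm]) + self.public_key)


def owner_wire(name: str) -> bytes:
    """Canonical wire form of an owner name (RFC 4034 s.6.2): lowercase labels."""
    out = b""
    for label in name.lower().rstrip(".").split("."):
        if label:
            out += bytes([len(label)]) + label.encode("ascii")
    return out + b"\x00"


def ds_digest_sha256(key: DNSKEY) -> bytes:
    """DS digest type 2 (RFC 4509): SHA-256(owner name || DNSKEY RDATA)."""
    return hashlib.sha256(owner_wire(key.owner) + key.rdata()).digest()


def classify(observed: DNSKEY, pinned: set, root_ds: set) -> str:
    """pinned: DS digests frozen in the resolver package; root_ds: digests from
    the (already validated) DS RRset the root publishes for this TLD."""
    digest = ds_digest_sha256(observed)
    if digest in pinned:
        return "known"       # matches the shipped key database
    if digest in root_ds:
        return "rollover"    # root authenticates the change; update the pin
    return "mismatch"        # nobody vouches for it: do not trust, alert


# Constructed sample keys, not real key material.
OLD_KEY = DNSKEY("example.", 257, 3, 13, b"\x01" * 64)
NEW_KEY = DNSKEY("example.", 257, 3, 13, b"\x02" * 64)
ROGUE_KEY = DNSKEY("example.", 257, 3, 13, b"\x03" * 64)
PINNED = {ds_digest_sha256(OLD_KEY)}
ROOT_DS = {ds_digest_sha256(OLD_KEY), ds_digest_sha256(NEW_KEY)}
```

A "rollover" result is exactly the case where a transparency log would let the resolver check that the root's new DS was published for everyone, not just for it.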

_______________________________________________
dane mailing list
https://www.ietf.org/mailman/listinfo/dane