>We should recommend secure defaults and let users of DNS crudware harangue 
>their vendors or find new ones that
>can support publishing secure keys. We’re also foreshadowing long key lengths 
>next year.

Having been dealing with the crudware argument for a very long time* I
can tell you that the chances of getting all the crudware fixed
anytime soon are negligible, and nobody's going to change registrars
because they can't publish 2K keys.

That's why I suggested we add EdDSA.  It's, ah, crudware resistant.

R's,
John

* - see  draft-levine-dnsextlang-09

_______________________________________________
dmarc mailing list
dmarc@ietf.org
https://www.ietf.org/mailman/listinfo/dmarc

Reply via email to