On Apr 23, 2009, at 8:26 AM, Andrew Sullivan wrote:
Given that the largest provider of host operating systems currently deployed is not planning to do DNSSEC this way, won't we have some trouble if we start suggesting it's the right way
We can't force anybody to do anything. However, if this is really the right way to do it, then any vendor who is sensitive to security issues will eventually come around. If it's the wrong way to do it, we shouldn't be suggesting it. The vendor you happen to have mentioned participates in IETF; perhaps they could weigh in on why this is the wrong thing to do, if in fact it is.
_______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
