On Wed, Nov 16, 2016 at 8:30 AM, Dan York <y...@isoc.org> wrote: > > On Nov 16, 2016, at 10:18 PM, Mikael Abrahamsson <swm...@swm.pp.se> wrote: > > As a whole, nobody seems to be interested in actually coming up with a > viable solution that actually fixes peoples problems. Everybody's just > punting the problem elsewhere or waving their hands and says "not our > problem". > > > Do you have a suggestion for a solution? > > Dan > > > This is not well thought out, but what jumps to mind is to keep a chain of signatures in the root DNS that links from the original KSK up through the current KSK (or at least the last 10 years). Perhaps a different record type, so it is only sent if asked for.
Does that make any sense? -- Bob Harold
_______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop