It solves the problem of not repudiating names in the homenet. You have to have a special resolver to be able to validate them.
On Wed, Dec 14, 2016 at 7:48 PM, John R Levine <jo...@taugh.com> wrote: > But it's worse than that -- if your client software does DNSSEC >>> validation it needs to understand that homenet is a special case and >>> it's OK not to validate. >>> [etc] >>> >> >> That is precisely why we need an unsecured delegation. >> > > Except that as the [etc] said, it doesn't really solve the problem. > > > Regards, > John Levine, jo...@taugh.com, Taughannock Networks, Trumansburg NY > Please consider the environment before reading this e-mail. https://jl.ly >
_______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
