* marcus sachs: > While we wait for applications to become DNSSEC-aware,
Uhm, applications shouldn't be DNSSEC-aware. Down that road lies madness. What should an end user do when the browser tells him, "Warning: Could not validate DNSSEC signature on www.example.com, signature has expired. Continue to connect?" -- Florian Weimer <[EMAIL PROTECTED]> BFK edv-consulting GmbH http://www.bfk.de/ Kriegsstraße 100 tel: +49-721-96201-1 D-76133 Karlsruhe fax: +49-721-96201-99