I didn't explain why, so let me add just a short pointer. No need to go
deeper here at this point of the draft, I think.
On 28/11/2022 19.26, Peter Thomassen wrote:
As such, I don't see any risk that would not be exposed immediately
during implementation/testing, and the fix is also trivial.
Hi Vladimir,
Thanks for your feedback! Please see below.
On 11/11/22 19:01, Vladimír Čunát wrote:
It's not a major thing in your design, but I see a risk that DNSKEYs at
non-apex might have trouble validating, so at some point I'd expect your
proposal to choose a different approach (e.g.
Hello.
It's not a major thing in your design, but I see a risk that DNSKEYs at
non-apex might have trouble validating, so at some point I'd expect your
proposal to choose a different approach (e.g. allocate a new identical
RR type) or at least confirm that it won't be a major problem.
Hi,
Yesterday, I uploaded the below set of ideas for filling in the automation gaps
in DNSSEC multi-signer, in particular the key exchange problem between
multi-signing peers.
I'm planning to present this at the London meeting, so I wanted to give folks
as chance to take a look at it. I'm