[dns-operations] Validation direction (Was: Re: Org Dnskey TTL)
Andrew Sullivan
ajs at shinkuro.com
Tue Apr 20 14:50:32 UTC 2010
On Tue, Apr 20, 2010 at 10:47:03AM -0400, Edward Lewis wrote:
> If all the validators are resolving downward, then now I understand all
> the bugs we've seen in the past few rounds of DNSSEC code drops.
Well, _all_ of them aren't, of course, since we have an example of one
that doesn't. But I take your point.
> This explains a lot of the issues we've seen lately. Unknown algorithm
> bugs, conflicts between trust anchors and live keys, to name two.
The latter I get, but could you explain more how the unknown algorithm
stuff is relevant? (Also, does this belong over in
protocol-maintenance land? I can't tell.)
A
--
Andrew Sullivan
ajs at shinkuro.com
Shinkuro, Inc.
More information about the dns-operations
mailing list