> Rather than define these terms, can I suggest we encourage everyone to > adopt the One True Path to DNSSEC, ie the trust anchor for the root, > instead of kludging about with multiple trust anchors and ad-hoc > validation schemes? i thought we were ridding ourselves of eugene kashpureff, not reincarnating him. randy