[dns-operations] closest keys and validation policy

David Conrad drc at virtualized.org
Mon Jul 19 00:40:25 UTC 2010


On Jul 18, 2010, at 4:12 PM, bmanning at vacation.karoshi.com wrote:
> keys that I get from my university,
> my ISP, my clients _all_ have a higher trust metric than the
> root key, in part due to the facet that I have a direct
> business relationship with them.  of course YMMV..

And yet, it is those folks who are the ones who can potentially implement nxdomain redirects because of other business relationships of which you may be unaware.  My mileage is that I put trust in what I can verify.  But that's just me.


More information about the dns-operations mailing list