[dns-operations] thoughts on DNSSEC

[Paul Wouters]

On Wed, 18 Jul 2012, Olaf Kolkman wrote:

> If you talk about registrant registrar interaction then your DNSSEC authentication mechanism should be as
> strong as your non-DNSSEC authentication mechanism.

And if you want to comply to FIPS-140, then ensure the channel security
through which you send/protect your key material is at least as strong as the
security of the key material transported within that channel.

Paul