[dns-operations] cool idea regarding root zone inviolability

Matthew Pounsett matt at conundrum.com
Sat Nov 29 20:56:17 UTC 2014

Previous message (by thread): [dns-operations] cool idea regarding root zone inviolability
Next message (by thread): [dns-operations] cool idea regarding root zone inviolability
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Nov 28, 2014, at 02:07 , Paul Vixie <paul at redbarn.org> wrote:

> 
> is there some reason why an updated sig(0) is not a solution to this? 

People move zone data around using mechanisms other than *XFR (scp, database replication, etc.).  A signature on the complete zone, as part of the zone, also covers those mechanisms.

Previous message (by thread): [dns-operations] cool idea regarding root zone inviolability
Next message (by thread): [dns-operations] cool idea regarding root zone inviolability
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the dns-operations mailing list