[dns-operations] geant.org dnssec
regnauld at nsrc.org
Tue Feb 7 13:28:45 UTC 2017
Antoin Verschuren (dns) writes:
> It’s been successfully used in production with a number of .nl domains that do NSEC3 as well.
> I’d say thats a safer alternative than going insecure.
Assuming it's implemented correctly - in this case, going bogus because
of a bug in a signer is marginally better than being insecure for a short
time. Depends on the definition of "safer" :)
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 495 bytes
Desc: not available
More information about the dns-operations