* Simon Josefsson: > However, in practice I don't believe many will trust the root key > alone -- for example, I believe most if not all Swedish ISPs would > configure in trust of the .se key as well.
There are some examples that such static configuration is extremely bad. Look at the problems with bogon filters, or how long decommissioned root server IP addresses continue to receive queries. It's not a problem if you do this for .SE as a Swedish ISP because you notice quickly that something is amiss. But if too many people do this for most TLDs, it will become practically impossible to change keys. --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]