On Fri, 03 Oct 2014 05:28:35 -0400, Anders Kaseorg said:
> This bottom-up algorithm also seems to have a security problem thatÂ’s > just as bad as one with the top-down algorithm that you rejected below. > Consider the same department.campus.university.edu example, where > campus and edu are signed zones, and university is not a zone. This issue is why trust anchors were devised so people could start deploying DNSSEC before stuff like .COM got signed.
pgpJd_yNtjpUu.pgp
Description: PGP signature
_______________________________________________ Cerowrt-devel mailing list [email protected] https://lists.bufferbloat.net/listinfo/cerowrt-devel
