> Does that make sense though? With RRSIG validity times and TTL's you > can set your "damange period" as small as you want. There is no issue > like with certificates where your credentials can be abused for up to > 12 months. You still need to detect the attack, right? DANE may help you mitigate the attack but it won't help you detect it.
Cheers Leif
_______________________________________________
dane mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dane
