On 11/15/2012 12:28 AM, Frederico A C Neves wrote: > On Wed, Nov 14, 2012 at 11:53:56PM +0100, Leif Johansson wrote: >>> Does that make sense though? With RRSIG validity times and TTL's you >>> can set your "damange period" as small as you want. There is no issue >>> like with certificates where your credentials can be abused for up to >>> 12 months. >> You still need to detect the attack, right? DANE may help you mitigate >> the attack but it won't help you detect it. > Respected the DNSSEC "grand scheme of things" a relying party will > definitely detect it, perhaps not the owner of the zone. Is that what > you meant? > > Fred yep _______________________________________________ dane mailing list [email protected] https://www.ietf.org/mailman/listinfo/dane
- Re: [dane] DANE and CT Tony Finch
- Re: [dane] DANE and CT Ben Laurie
- Re: [dane] [therightkey] DANE and CT Paul Wouters
- Re: [dane] [therightkey] DANE and CT Ben Laurie
- Re: [dane] [therightkey] DANE and CT Frederico A C Neves
- Re: [dane] [therightkey] DANE and CT Paul Wouters
- Re: [dane] [therightkey] DANE and CT Tom Ritter
- Re: [dane] [therightkey] DANE and CT Carl Wallace
- Re: [dane] [therightkey] DANE and CT Leif Johansson
- Re: [dane] [therightkey] DANE and CT Frederico A C Neves
- Re: [dane] [therightkey] DANE a... Leif Johansson
- Re: [dane] DANE and CT Warren Kumari
- Re: [dane] DANE and CT Tony Finch
- Re: [dane] DANE and CT Ben Laurie
- Re: [dane] DANE and CT Shumon Huque
- Re: [dane] DANE and CT Tom Ritter
- Re: [dane] DANE and CT Ben Laurie
- Re: [dane] [therightkey] DA... Shumon Huque
- Re: [dane] [therightkey] DA... Paul Hoffman
- Re: [dane] [therightkey] ... Shumon Huque
- Re: [dane] [therightkey] ... Paul Wouters
