Perhaps by making a domain hijacking more visible to everyone, and having a whistleblowing (i.e. reporting mechanism such as used in Coniks) protocol then you could distribute the problem of monitoring.
That's just what I *don't* want to do. I do not want to be volunteered to be an unpaid security officer for everyone else's DNS.
It's fine to think about ways that a domain can secure its DNS and detect and fix unauthorized change, but I don't think it's fair to expect the rest of the world to do it for you.
R's, John _______________________________________________ dane mailing list dane@ietf.org https://www.ietf.org/mailman/listinfo/dane
