I'm a little puzzled by this discussion. Why not just set up a list of TLDs in a mozilla.org subdomain, sign the subdomain with DNSSEC, put the DNSSEC public key into firefox, and have firefox consult the TLD list in the DNS, verified with DNSSEC, whenever information is needed?
That way nobody can say that you have a software update problem. Yet you retain the autonomy you need to get a solution implemented quickly. If the solution proves out well, perhaps people will adopt it. Even if it doesn't, it can't possibly be worse than a list hard- coded into the software. _______________________________________________ DNSOP mailing list [email protected] https://www.ietf.org/mailman/listinfo/dnsop
