Inline. - JL
On 4/12/12 8:21 AM, "Marc Lampo" <[email protected]> wrote: >The draft of Negative Trust Anchors does not mention anything about >informing the operator of the failing domain. I'll make a note to call this out in the next version. Something about making reasonable attempts to notify the domain of the issue and any action taken (such a using a NTA and when it expires, how to contact party adding the NTA, etc.). >The advantage over negative trust anchor would be that this is more >centrally managed : the action by the parent (remove DS) is visible (TTL >permitted) to any validating name server. > (the negative trust anchor needs to be configured by every validating NS, > whose administrators bother to do so) I see the advantages but I'm reluctant to see this more automated / easy. Thanks, Jason _______________________________________________ DNSOP mailing list [email protected] https://www.ietf.org/mailman/listinfo/dnsop
