Brian Dickson <[email protected]> wrote: > For anyone using an open, well-known resolver (either provided by their > ISP, or operated as a "public service"), include instructions on use of a > provider-specific DLV and provider-specific "alternative trust anchor > (DNSKEY)".
I think your suggestion will only work for botched key rollovers. The other common failure is expired signatures, which you could only fix DLV style if your ISP resolver dynamically re-signs all answers in the zone. Tony. -- f.anthony.n.finch <[email protected]> http://dotat.at/ Trafalgar: Cyclonic in northwest, otherwise mainly northerly or northwesterly 5 or 6. Slight or moderate. Showers in northwest. Good. _______________________________________________ DNSOP mailing list [email protected] https://www.ietf.org/mailman/listinfo/dnsop
