On Jul 10, 2017, at 6:55 PM, Paul Wouters <[email protected]> wrote: > Okay, that explains it better. but does also confirm you basically want > to be permanently in this state. Because every few years you will have > new fancy algorithms. As a community we should really roll out updated > algorithms faster and deprecate obsoleted algorithms faster.
Just a reminder: a few years we were talking about how to bootstrap trust on devices that had been on the shelf for longer than the life of the root key. Now you are proposing that we roll algorithms faster than that. I'm not saying you're wrong, but there are operational implications to this position.
_______________________________________________ DNSOP mailing list [email protected] https://www.ietf.org/mailman/listinfo/dnsop
