> On Aug 3, 2017, at 12:58 PM, Aanchal Malhotra <[email protected]> wrote: > > However, I still don't see how it would help in case of trust anchor/KSK > compromise.
This is why I wrote "I don't know if you consider it a solution." Even so, I think it could be useful, depending on the nature and scale of the zone in question. For example, if you had to perform an emergency KSK rollover you might do something like email a group of administrators with instructions to manually update their trust anchors. RFC 8145 would help you know how many administrators followed through on that request. DW _______________________________________________ DNSOP mailing list [email protected] https://www.ietf.org/mailman/listinfo/dnsop
