----- Oryginalna wiadomość ----- Od: "Joe Abley" <[email protected]> Do: "Witold Krecicki" <[email protected]> DW: [email protected] Wysłane: niedziela, 7 lipiec 2019 1:09:36 Temat: Re: [DNSOP] proposal: Covert in-band zone data
>There's an argument, I suppose, that an out-of-band mechanism to >exchange metadata is already required to agree things like DNS NOTIFY >targets, master servers andTSIG shared secrets. Those things already >need to be exchanged securely, so presumably you're not talking about >just setup time, but rather over time to manage automated ZSK rolls, >etc? Exactly - while the things you mentioned are configuration options that are 'human generated', the ZSK rollover should be, in the ideal case, something that happens automatically, without any human intervention. -- Witold _______________________________________________ DNSOP mailing list [email protected] https://www.ietf.org/mailman/listinfo/dnsop
