I also think that this is not appropriate as a Best Practice. I would suggest reversing this draft to make it operational guidance to implementers about how to enable compliance with RFC 6781 Section 4.1.4.
On Mon, Feb 22, 2021 at 2:26 PM Vladimír Čunát <vladimir.cunat+i...@nic.cz> wrote: > Hello. > > I'm certainly not fond of trying to call this "best practice". > I'd rather try persuading people to either improve such tooling or > switch production to another one, but I understand that in real life > there are cases where the proposed approach may be considered a better > choice than a proper rollover. > > --Vladimir @ knot-resolver.cz > > > _______________________________________________ > DNSOP mailing list > DNSOP@ietf.org > https://www.ietf.org/mailman/listinfo/dnsop >
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop