On 25 Oct 2023, at 18:46, Johan Stenstam <[email protected]> wrote:
> I agree. But it is bad to design a system where the key CANNOT be rolled. I agree. I was just expressing doubt that you can find a single automated mechanism that is appropriate to use in all possible compromise scenarios. For a hopefully rare event that might need careful handling, perhaps a good manual plan is actually better? Joe _______________________________________________ DNSOP mailing list [email protected] https://www.ietf.org/mailman/listinfo/dnsop
