On Fri, 20 Feb 2026, Paul Hoffman wrote:
A strong +1 for what Wes says.
Said another way: I'm against WG adoption of this draft if it is only about HSMs or
primarily focused on them, but in favor it if covers the typical use cases for DNSSEC
signers. As others have said, "how to deal with HSM private key loss" is a blog
post (that should talk about specific HSMs), not a long-lived RFC.
Isn't the software use case "always have recent backups" ? Is that worthy of a
draft?
Paul
_______________________________________________
DNSOP mailing list -- [email protected]
To unsubscribe send an email to [email protected]
