[On 15 Nov, @ 16:47, Edward wrote in "Re: [dnsop] comments on draft. ..."] > At 10:12 -0500 11/15/04, Miek Gieben wrote: > > >So I went for DNSKEY and Ed goes for DS. Two people, two different > >choices. I think we should let the implementers decide this and not > >the draft writers, > > Well, it's deeper than that. We've implemented the DS option and not > the DNSKEY option in our initial toolkit. You've implemented the > DNSKEY option. > > The question is - if you had to do it all over again, would you have > bothered with the DNSKEY option? Has there been any demand to use > the DNSKEY option by any users/testers of SECREG?
I think I would use the DNSKEY option again. Solely on the basis of not bothering the child with generating the DS. And I really liked my in-band thingy (which used DNSKEY, prob. just KEY at the time). I should say that I haven't read the epp-secdns draft in a LONG time, but I doubt if I reread it my thinking would change, grtz Miek . dnsop resources:_____________________________________________________ web user interface: http://darkwing.uoregon.edu/~llynch/dnsop.html mhonarc archive: http://darkwing.uoregon.edu/~llynch/dnsop/index.html
