> However...the current draft does include those sDate/eDate parameters > for telling a parent when to to first (and last) publish a DS. From a > security standpoint, they probably aren't strictly needed (it may > depend on what you want the failure mode to be if the child doesn't > contact its parent regularly: do you want the DS to keep getting > resigned forever and always or just timeout?). I assume there was > some reason for them to be in the draft, so it's probably worth > explicitly asking if that functionality desired by anyone. > > -- Sam
It's been proposed that the sDate/eDate parameters be removed. The person that first proposed their inclusion (Mark Kosters) has agreed that they're probably not needed. -Scott- . dnsop resources:_____________________________________________________ web user interface: http://darkwing.uoregon.edu/~llynch/dnsop.html mhonarc archive: http://darkwing.uoregon.edu/~llynch/dnsop/index.html
