Also see thread starting at:
http://darkwing.uoregon.edu/~llynch/dnsop/msg03465.html
Ed was the last one to be confused.
> >> #Appendix A. Terminology
> >>
> >> # Secure Entry Point key or SEP Key: A KSK that has a parental DS
> >> # record pointing to it. Note: this is not enforced in the
> >> # protocol. A SEP Key with no parental DS is security lame.
> >
> >
> >Yess.. this looks weird ... the last sentence is just wrong...
> >
> >How about just:
> >
> > Secure Entry Point key or SEP Key: A KSK that has a parental DS
> > record pointing to it or is configured as a trust-anchor Note:
> > this is not enforced in the protocol.
>
> I'd leave off the "Note:..." I still don't know what that means.
>
One more try
Secure Entry Point key or SEP Key: A KSK that has a parental DS
record pointing to it or is configured as a trust-anchor. Although
not required nor enforce by the protocol we recommend that the
SEP flag [Ref] is set on these keys.
--Olaf
.
dnsop resources:_____________________________________________________
web user interface: http://darkwing.uoregon.edu/~llynch/dnsop.html
mhonarc archive: http://darkwing.uoregon.edu/~llynch/dnsop/index.html
