> Mark,
>
> On Aug 29, 2007, at 3:24 PM, Mark Andrews wrote:
> > The DLV operators only need this information up until the
> > root is signed. Once the root is signed the root's DLV will
> > go in and these will be removed.
>
> If the root gets signed and you remove the DLV stuff, won't you break
> any caching resolver that still has the DLV trust anchor configured?
>
> Regards,
> -drc
No. Please re-read the quoted paragraph. The root's DLV
will be there.
You only need DLV records where there is a missing link in the
trust chain. If you have "." you don't need a DLV for "se" as
there will be a DS for "se" in the root zone.
Mark
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: [EMAIL PROTECTED]
_______________________________________________
Ietf mailing list
[email protected]
https://www1.ietf.org/mailman/listinfo/ietf
