On Wed, 24 Feb 2010, Tony Finch wrote:
On Wed, 24 Feb 2010, Shane Kerr wrote:DNSSEC declares out of scope: * the channel where DS records get added to the parentIs that actually out of scope or just not specified yet?
Out of scope. It is the bootstrap problem. Though with RFC-5011 and perhaps draft-wijngaards-dnsop-trust-history-02 the above bullet might should probably read "were initial DS records get added" Once you have established the first DS record, you should be able to rollover without losing the path of trust. Paul _______________________________________________ Ietf mailing list [email protected] https://www.ietf.org/mailman/listinfo/ietf
