>> 2. There's a common error in the evaluation of DNSSEC signing costs. I'd
>> like to draw attention to a new section that I've added to my web page
>> to analyze this error: http://cr.yp.to/djbdns/killa6.html#signingcosts
>Your reasoning is markedly incorrect if applied to A6. If we take
>site renumbering to be the dominant factor controlling
>signature-validity times, then the signatures on the A6 records
from what I got from reading djb's webpage, djb's point is that
the dominant factor controlling signature-validity time is security,
and for that reason he claims it needs to be very short (so there's
no real difference in signing overhead for AAAA or A6). so the
assumption for the "dominant factor" is totally different between
you two.
i'm still not sure if djb's claim is right or not, but anyway
that's what i got from his note.
itojun
--------------------------------------------------------------------
IETF IPng Working Group Mailing List
IPng Home Page: http://playground.sun.com/ipng
FTP archive: ftp://playground.sun.com/pub/ipng
Direct all administrative requests to [EMAIL PROTECTED]
--------------------------------------------------------------------
