On Dec 3, 2013, at 6:46 AM, Stephane Bortzmeyer <[email protected]> wrote: > On Mon, Dec 02, 2013 at 08:56:26AM -0800, > Nicholas Weaver <[email protected]> wrote a message of 112 lines > which said: >> Actually spoofing DNSSEC replies even with knowledge of the root key >> is going to be difficult... > > Very convincing reasoning. But I would feel better if it were actually > tested in a lab with common resolvers. Any volunteer here?
I think a better target for that question would be [email protected] :) Regards, -drc
signature.asc
Description: Message signed with OpenPGP using GPGMail
_______________________________________________ perpass mailing list [email protected] https://www.ietf.org/mailman/listinfo/perpass
