On 4/21/21 9:46 AM, Lars Eggert wrote:
I also got told that signing a zone is tantamount to "boiling the ocean".
You're misquoting David. He said:
On 2021-4-20, at 20:20, David Schinazi <[email protected]> wrote:
I'm not saying that a 3-packet handshake would be bad, I'm saying
that it's not worth boiling the ocean to remove 2 packets.
Nowhere in that sentence or the rest of David's email do I see any mention of
signing zones.
> Again, not a topic for *this* mailing list.
Chrome has already implemented DANE once upon a time. The only thing
left is for Google to DNSSec sign their zone. That's it. If there is
something else, I'm all ears.
And I am asking in your capacity as IETF chair if signing your zone is
tantamount to "boiling the ocean". Taken at face value, that is a
stunning indictment.
Mike
