i'd argue that if 194.in-addr.arpa is not registered a DLV registry and
if in-addr.arpa is not itself signed, then the community of beneficiaries
of 194's signedness is so small that this cannot be called an emergency.
More and more people will setup their own trusted keys. We don't neeed DLV
fyi
I noticed that SE uses e=65537 for their KSK and e=3 for their ZSKs.
This means that the keyroll (all zsk's need to be e3) should go
smoothly and no emergency trust anchor rollover is needed.
This is not the case for RIPE (194.in-addr.arpa). RIPE uses e=3 for
both ZSK and KSK. Hence an
[EMAIL PROTECTED] (Roy Arends) writes:
This is not the case for RIPE (194.in-addr.arpa). RIPE uses e=3 for
both ZSK and KSK. Hence an emergency trust anchor roll is needed.
i'd argue that if 194.in-addr.arpa is not registered a DLV registry and
if in-addr.arpa is not itself signed, then the
On Sep 8, 2006, at 7:32 PM, Paul Vixie wrote:
[EMAIL PROTECTED] (Roy Arends) writes:
This is not the case for RIPE (194.in-addr.arpa). RIPE uses e=3 for
both ZSK and KSK. Hence an emergency trust anchor roll is needed.
i'd argue that if 194.in-addr.arpa is not registered a DLV registry
and