DNSSEC mailing list

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: Mark.Andrews@isc.org, Bill Manning <bmanning@isi.edu>
Cc: randy@psg.com, olaf@ripe.net, scottr@antd.nist.gov, dnssec@cafax.se
From: Edward Lewis <edlewis@arin.net>
Date: Tue, 22 Oct 2002 09:17:10 -0400
In-Reply-To: <200210220241.g9M2fxjt011083@drugs.dv.isc.org>
Sender: owner-dnssec@cafax.se
Subject: Re: root zone signing and key lengths/lifetimes

At 12:41 +1000 10/22/02, Mark.Andrews@isc.org wrote:
>	it is established.  You can also automatically detect when
>	that trust chain is broken.

Not exactly.  If the trust is based upon a secret that has gotten 
loose, the unrightful heir can get away with doing bad things until 
the breach is discovered and authentically publicized.
-- 
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Edward Lewis                                          +1-703-227-9854
ARIN Research Engineer

Follow-Ups:
- Re: root zone signing and key lengths/lifetimes
  - From: Mark.Andrews@isc.org

References:
- Re: root zone signing and key lengths/lifetimes
  - From: Mark.Andrews@isc.org

Prev by Date: Re: root zone signing and key lengths/lifetimes
Next by Date: Re: root zone signing and key lengths/lifetimes
Prev by thread: Re: root zone signing and key lengths/lifetimes
Next by thread: Re: root zone signing and key lengths/lifetimes
Index(es):
- Date
- Thread

Home | Date list | Subject list