To:
Edward Lewis <edlewis@arin.net>
Cc:
Bill Manning <bmanning@isi.edu>, randy@psg.com, olaf@ripe.net, scottr@antd.nist.gov, dnssec@cafax.se
From:
Mark.Andrews@isc.org
Date:
Wed, 23 Oct 2002 10:21:27 +1000
In-reply-to:
Your message of "Tue, 22 Oct 2002 09:17:10 -0400." <a05111b03b9daffcd03ab@[192.149.252.228]>
Sender:
owner-dnssec@cafax.se
Subject:
Re: root zone signing and key lengths/lifetimes
> At 12:41 +1000 10/22/02, Mark.Andrews@isc.org wrote: > > it is established. You can also automatically detect when > > that trust chain is broken. > > Not exactly. If the trust is based upon a secret that has gotten > loose, the unrightful heir can get away with doing bad things until > the breach is discovered and authentically publicized. Well I did say that revocation is a manual step. Mark > -- > -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- > Edward Lewis +1-703-227-9854 > ARIN Research Engineer > -- Mark Andrews, Internet Software Consortium 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: Mark.Andrews@isc.org