[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

.gov DNSSEC operational message - picking a fight

Subject: .gov DNSSEC operational message - picking a fight
From: dot at dotat.at (Tony Finch)
Date: Wed, 29 Dec 2010 14:56:35 +0000
In-reply-to: <[email protected].>
References: <[email protected]> <[email protected]> <[email protected]> <[email protected]> <[email protected].>

On 28 Dec 2010, at 22:46, bmanning at vacation.karoshi.com wrote:
> 
>    IMHO, key management should be able to use an OOB channel
>    when the in-band is corrupted or overlaoded.  Reliance on
>    strictly the IB channel presumes there will be no problems
>    with that channel.  EVER.   For me, I don't want to take 
>    that risk.  YMMV of course.  

If normal DNS resolution fails to work then there's no point in getting the keys from another source since there's no data for them to validate.

Tony.
--
f.anthony.n.finch  <dot at dotat.at>  http://dotat.at/

Follow-Ups:
- .gov DNSSEC operational message - picking a fight
  - From: bmanning at vacation.karoshi.com (bmanning at vacation.karoshi.com)

References:
- .gov DNSSEC operational message
  - From: mlarson at verisign.com (Matt Larson)
- .gov DNSSEC operational message
  - From: jra at baylink.com (Jay Ashworth)
- .gov DNSSEC operational message
  - From: mlarson at verisign.com (Matt Larson)
- .gov DNSSEC operational message
  - From: dougb at dougbarton.us (Doug Barton)
- .gov DNSSEC operational message - picking a fight
  - From: bmanning at vacation.karoshi.com (bmanning at vacation.karoshi.com)

Prev by Date: Specific Network Querying
Next by Date: .gov DNSSEC operational message
Previous by thread: .gov DNSSEC operational message - picking a fight
Next by thread: .gov DNSSEC operational message - picking a fight
Index(es):
- Date
- Thread