>I'd flip it around. If we think it is important that DNSSEC works if you have
>subtrees with local anchors or no anchors, we should work on that. Saying "add
>blah to the root because I think that will keep some validators from returning
>errors" isn't it.
Adding an insecure delegation is a good way to tell validators that there is going to be an insecure zone. It is a practical mechanism that is proven to work.

I have no clue how to design a protocol where a mobile device can attach to an unknown network and get (negative) trust anchors without potentially compromising the entire security of DNSSEC. If you have an idea what such a protocol could look like, maybe you can share it.

_______________________________________________
DNSOP mailing list -- [email protected]
To unsubscribe send an email to [email protected]
