It appears that Petr � pa� ek <[email protected]> said: >Compare these two statements: >- Validators limit "number of collisions". (see above) >- Validators limit on number of "validation attempts". (reality today) > >This is important because RRSIGs can be invalid for _other_ reasons than >collisions. If we continue allowing collisions it will deplete the >limited amount of work validator is willing to do and this removes >redundancy/headroom from the overall system.
Well, OK. I can live with MUST NOT have colliding key tags if we also have MUST NOT have invalid RRSIGs. R�s, John PS: Not that I expect anyone to enforce either of them any time soon.
_______________________________________________ DNSOP mailing list -- [email protected] To unsubscribe send an email to [email protected]
