rpki vs. secure dns?
Stephane Bortzmeyer
bortzmeyer at nic.fr
Tue May 29 10:30:06 UTC 2012
On Mon, May 28, 2012 at 08:59:28PM +0000,
Paul Vixie <vixie at isc.org> wrote
a message of 43 lines which said:
> ROVER expects that we will query for policy at the instant of
> need. that's nuts for a lot of reasons, one of which is its
> potentially and unmanageably circular dependency on the acceptance
> of a route you don't know how to accept or reject yet.
If someone starts to announce 2001:db8:f00::/48 *and* all the name
servers for 0.0.f.0.8.b.d.0.1.0.0.2.ip6.arpa are in 2001:db8:f00::/48,
then I suggest that he is wrong, not Rover...
More information about the NANOG
mailing list