[Opendnssec-develop] Zone moving between operators
matthijs at NLnetLabs.nl
Wed Mar 25 16:21:12 UTC 2009
-----BEGIN PGP SIGNED MESSAGE-----
Alright, but I think that in that case we need to consider additional
measurements to deal with zone transfer between operators and emergency
roy at nominet.org.uk schreef:
> Rick van Rein wrote on 03/25/2009 10:01:12 AM:
>>> However, this is no issue if we decide one key should not span multiple
>> This should neither be the default, nor should it be forbidden.
>> The administrator should be enabled to choose, based on the capacity
>> of the HSM in use (which may be a small USB key, remember).
>> If you forbid it, you disable that cheap range of PKCS #11 devices.
>> If you make it the default, you would not use the full power of a full
> I agree.
> The software should allow for several schemes, without dictating any
> Roy Arends
> Sr. Researcher
> Nominet UK
> Opendnssec-develop mailing list
> Opendnssec-develop at lists.opendnssec.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
-----END PGP SIGNATURE-----
More information about the Opendnssec-develop