[dnssec-deployment] Trust Anchor Repositories (TAR) White Paper (V 1.0)

bmanning at vacation.karoshi.com bmanning at vacation.karoshi.com
Wed Jun 18 05:40:18 EDT 2008


> Although the paper is labeled Version 1.0, it should be considered an
> initial version and we encourage broad review and feedback.  One of the
> challenges in creating this paper was organizing and describing what could
> be considered a TAR as well as describing reasonable variations.  It's
> possible (likely?) that we have described some set of things as a 'TAR'
> that some people would not think of as a 'TAR' - we encourage discussions
> of this area as well as all other aspects of what should eventually be in
> the paper.
> 
> Russ & Steve


	The largest problem I have w/ a TAR -that is NOT immediately adjacent
	to the validator- is that it carries similar attack profiles to a/any
	third party cache.  What better place for a MITM than a TAR?

--bill



More information about the Dnssec-deployment mailing list