[dnssec-deployment] Trust Anchor Repositories (TAR) White Paper (V 1.0)
bmanning at vacation.karoshi.com
bmanning at vacation.karoshi.com
Wed Jun 18 05:40:18 EDT 2008
> Although the paper is labeled Version 1.0, it should be considered an
> initial version and we encourage broad review and feedback. One of the
> challenges in creating this paper was organizing and describing what could
> be considered a TAR as well as describing reasonable variations. It's
> possible (likely?) that we have described some set of things as a 'TAR'
> that some people would not think of as a 'TAR' - we encourage discussions
> of this area as well as all other aspects of what should eventually be in
> the paper.
>
> Russ & Steve
The largest problem I have w/ a TAR -that is NOT immediately adjacent
to the validator- is that it carries similar attack profiles to a/any
third party cache. What better place for a MITM than a TAR?
--bill
More information about the Dnssec-deployment
mailing list