[Dnssec-deployment] DNSSEC4J and trust anchors

[Joe Abley]

Michael,

On 2012-01-31, at 13:02, "Michael StJohns" <mstjohns at comcast.net> wrote:

> I had a dinner discussion on this topic with Steve Crocker and someone else not long ago.  During that discussion, I proposed a mechanism to test roll-over without affecting the current signing key.  Basically, replace the stand-by key, rather than the key currently being used to sign the DNSKEY RR.

What stand-by key?


Joe