From mboxrd@z Thu Jan  1 00:00:00 1970
From: erik quanstrom <quanstro@coraid.com>
Date: Wed, 20 Jan 2010 11:49:24 -0500
To: 9fans@9fans.net
Message-ID: <dd57a1d33587e2be68c04f23ccdccdbc@coraid.com>
In-Reply-To: <41CF4DC9-7F76-4902-8F8A-28A477A798DE@gmail.com>
References: <4B57048D.6040002@maht0x0r.net>
	<58dec826cbba066ea2cf1362ffa28e96@brasstown.quanstro.net>
	<429BB192-1F75-44F3-AC67-730F152E4C29@gmail.com>
	<9c614339d11833003968916e4dff66bb@coraid.com>
	<41CF4DC9-7F76-4902-8F8A-28A477A798DE@gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="US-ASCII"
Content-Transfer-Encoding: 7bit
Subject: Re: [9fans] Are we ready for DNSSEC ?
Topicbox-Message-UUID: c18c99da-ead5-11e9-9d60-3106f5b1d025

> > i think your understanding ma be incomplete.  dnssec
> > requires that the rrs be chained together in a particular
> > order.  and any change to a rr triggers resigning.  it
> > may be doable, but i think it would be easier to start
> > with dnssec in mind.

> That makes their use of the word extension wrong, but in that case
> starting over would seem (and probably is) best.

i think it fits the definition of extension.  the protocol is
compatable with dnssec-unaware implementations.

- erik