dnsext-2----Page:4

Design Goals
Survive an N-1 key compromise (where N is the number of trust anchors at a trust point)
Minimize other attacks (e.g., addition of new keys by the compromiser)
Ensure common state at resolvers, assuming resolvers query the DNSKEY RRSet within a defined time
