Re: Quic: the elephant in the room

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



>  Imagine an e-commerce site connected to
    > two CDN’s who needs to switch.

>    Not for DANE though.  If you want long-lived TLSA RRs + the ability to
    quickly change keys, then use TLSA RRs to "certify" an intermediate PKIX
    CA.

I don't understand.  Suppose www.ecomm.com, a big e-commerce site (or www.kingdom.com, a government-run broadcasting company, many examples work), uses cdn1 and cdn2 in some specific order and www.ecomm.com is CNAME'd to cdn1. Suppose they want to switch from cdn1 to cdn2 for some reason.

How does www.ecomm.comm switch their DNSSEC records quickly enough?  I'm sure I am missing something.





[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Mhonarc]     [Fedora Users]

  Powered by Linux