On Fri, 2 Sep 2005, Steven M. Bellovin wrote: > >How can you verify the signature without an Internet connection with which > >to fetch the key? > > If you have the zone key, you can do the verification offline. How can you be expected to have the zone key of some random name that just turned up on your network? > What's going to happen to your link-local uniqueness when someone adds > a bridge? The same issue arises with new devices turning up on the network. Both LLMNR and mDNS have mechanisms for dealing with uniqueness changes. Tony. -- f.a.n.finch <dot@xxxxxxxx> http://dotat.at/ BISCAY: WEST 5 OR 6 BECOMING VARIABLE 3 OR 4. SHOWERS AT FIRST. MODERATE OR GOOD. _______________________________________________ Ietf@xxxxxxxx https://www1.ietf.org/mailman/listinfo/ietf