--On 2. september 2005 12:46 +0100 Tony Finch <dot@xxxxxxxx> wrote:
If you have the zone key, you can do the verification offline.How can you be expected to have the zone key of some random name that just turned up on your network?
you can always ask the guy for the zone key (and its signature).you have to get a certificate chain that ends up at a root key you trust, of course.
Reducing the problem to a previously unsolved problem.... but if you only care about whether or not it's locally unique, you don't CARE whether it's authentic or not, so you don't have to fetch anything....
Attachment:
pgp31GXmkM4wf.pgp
Description: PGP signature
_______________________________________________ Ietf@xxxxxxxx https://www1.ietf.org/mailman/listinfo/ietf