Hijacked high-ttl records for signed zones aren't more dangerous than hijacked, high-ttl records for unsigned zones. Why do you claim that they are?
They are both invalidated through the same mechanisms. It would be nice if there were reasonable limits on TTLs, but I'm not getting invited to those meetings.
They are both invalidated through the same mechanisms. It would be nice if there were reasonable limits on TTLs, but I'm not getting invited to those meetings.