About RIPE | Contact  | Search | Sitemap    
Homepage RIPE  
RIPE Community Mail Archives
search  
     
Next Sectionyou are here: RIPE -> RIPE Maillists > Archives
RIPE Navigation Ends
About RIPE Maillists
Maillists Archive
Global Lists
Non Active Lists
RIPE NCC Navigation Ends
Next Section
<<< Chronological >>> Author Index    Subject Index <<< Threads >>>

Re: [dns-wg] DNSSEC Policy Development Process

  • To: Jim Reid <
    >
  • From: Marcos Sanz/Denic <
    >
  • Date: Tue, 23 Aug 2005 17:52:06 +0200
Jim,

> I personally think the reference to DLV needs to be replaced with
> something more generic

I concur.

> So from that perspective, it may be better if the text in the
> proposal was made more generic. Perhaps it should say something like
> "The NCC would consider publishing its KSKs in appropriate registries
> that may emerge to facilitate the establishment of DNSSEC trust
> anchors"?

I don't think that would be even necessary. The document already states "
Maintenance of these keys is a process that does not scale well. We are 
working to come up with a solution to this issue."

> how about establishing a trust anchor for .arpa
> and have the NCC's KSKs signed by that? 

Is .arpa signed?

Regards,
Marcos
Post To The List:

Replies

Message References

<<< Chronological >>> Author    Subject <<< Threads >>>
 

Next Section
     About RIPE | Site Map | LIR Portal | About the RIPE NCC | Contact | © RIPE Community. All rights reserved.
RIPE.NET Homepage LIR Portal RIPE Community