Re: [dns-wg] revised text for NTIA response - v4
-
To: bmanning@localhost
-
From: Patrik Fältström paf@localhost
-
Date: Mon, 3 Nov 2008 21:11:18 +0200
-
Authentication-results: ams-dkim-1; header.From=paf@localhost dkim=pass ( sig from cisco.com/amsdkim1002 verified; );
-
Cc: Jim Reid jim@localhost, dns-wg@localhost
-
Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; l=758; t=1225739481; x=1226603481; c=relaxed/simple; s=amsdkim1002; h=Content-Type:From:Subject:Content-Transfer-Encoding:MIME-Version; d=cisco.com; i=paf@localhost z=From:=20=3D?ISO-8859-1?Q?Patrik_F=3DE4ltstr=3DF6m?=3D=20<p af@localhost |Subject:=20Re=3A=20[dns-wg]=20revised=20text=20for=20NTIA= 20response=20-=20v4 |Sender:=20; bh=iUs30UJNRHJXqQUOmBJEh8/+WjzTZAW42KBONk5Rnv8=; b=VOQjyvUChQ5Np9TIbmKAn9zZrhnhvRnHElR4cfNVTkeqCTzOF0YunFqlEc PSF6ENaAm/wYfCQL3AZ0fJG3Gy6m68WG+ceUj10JWIkMJRCbiw3YPLruCTOt 30epf+hkLT;
On 3 nov 2008, at 18.05, bmanning@localhost wrote:
I think a more pragmatic reply (if the previous points are to
be respected) would be something along these lines:
10. The organization that generates the root zone file must sign the
file and therefore must hold the private part of the zone signing key.
or
10. The organization that generates the root zone file must have
unfettered
access to the zone signing key components.
I have a slight inclination towards the second.
I think the first of these is better as the word "unfettered" is not
easy to understand if one is not english speaking. I for one have no
idea what it means...
The simpler the text, the better.
Patrik
|
you are here: RIPE -> RIPE Maillists > Archives
