[dns-wg] getting DNSSEC deployed
Jim Reid jim at rfc1035.com
Wed Feb 14 11:55:05 CET 2007
On Feb 13, 2007, at 17:58, Randy Bush wrote: >> I very much doubt anyone's going to take responsibility for signing >> the root unless they know that, yes DNSSEC really does work and won't >> break the internet. > > bs. that is not the problem at the root. it's all layer nine. Nobody said this was an issue at the root Randy. And whether that's a layer-9 issue or not is irrelevant too: this genuine problem -- you'd presumably call it a non-problem -- has to be resolved somehow. Getting real-world experience of what happens when DNSSEC is switched on is part of that process. So the recent moves in Sweden are to be commended as a step towards getting that experience. I'm disappointed if you don't share that view.
[ dns-wg Archives ]