This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/[email protected]/

[dns-wg] Another DNSSEC action: add your DS to DLV (Was: NTIA NoI: does anyone care?

Previous message (by thread): [dns-wg] NTIA NoI: does anyone care?
Next message (by thread): [dns-wg] Another DNSSEC action: add your DS to DLV (Was: NTIA NoI: does anyone care?

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Stephane Bortzmeyer bortzmeyer at nic.fr
Tue Oct 21 11:25:58 CEST 2008

On Wed, Oct 15, 2008 at 10:44:34AM -0400,
 Edward Lewis <Ed.Lewis at neustar.biz> wrote 
 a message of 18 lines which said:

> This is why I think energy on this is better spent replying to the
> NTIA than here.

If you want to spend energy on DNSSEC deployment, you can also sign
your zones, add them to a DLV registry such as the ISC one (*) and
enable validation on your resolvers (and then handling your users's
complaints).

It will probably have a stronger effect than carefully crafting a
reply which will probably be ignored, as all input from outside the US
has been ignored in all forums since the take-over of the root.

PS: thanks to the managers of ".br" and ".cz", the two first TLDs to
appear in the ISC DLV registry.

(*) Even if the root is signed, some TLD won't be signed
overnight. Two good things about DLV is that it does not require the
root to be signed and it does allow managers of SLD to be attached to
a chain of trust even if their TLD is not signed.

Previous message (by thread): [dns-wg] NTIA NoI: does anyone care?
Next message (by thread): [dns-wg] Another DNSSEC action: add your DS to DLV (Was: NTIA NoI: does anyone care?

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

[ dns-wg Archives ]