Olaf, On Mon, Sep 24, 2007 at 09:31:18AM +0200, Olaf M. Kolkman wrote: > > In response to my message: > >>The IAB, obviously, favors expedient deployment of DNSSEC in the DNS > >>root. > > David Kessens asked: > >Is there any activity by the IAB to achieve this goal ? > > In addition to statements like the sentence above there is a bit of > 'silent diplomacy'. Considering that the root is still not signed, is the IAB considering a different approach than 'silent diplomacy' towards achieving this goal ? I would like to note that the RIPE community has issued a public statement (http://www.ripe.net/ripe/wg/dns/icann-root-signing.pdf) while I have not seen anything directly addressed to ICANN from the IAB. I would expect that the IAB, with it's Internet Architecture interest in mind, should be taking a much more active and public role as delays in DNSSEC deployment at the root level may very well inspire short-term non optimal solutions that will affect the overal security architecture as defined by the IETF for the DNS. > Besides, under the header of "leading by example" > we are working with the operators of the zones for which the IAB has > certain responsibility to get those signed (e.g. [1]). For example > the RIPE NCC will be announcing that they will be signing E164.arpa > any time soon (see [2],[3] for the ongoing message exchange). I appreciate this. David Kessens --- _______________________________________________ Ietf@xxxxxxxx https://www1.ietf.org/mailman/listinfo/ietf