--On Wednesday, 26 November, 2008 10:50 -0500 Russ Housley <housley@xxxxxxxxxxxx> wrote: > I have been approached about a plenary experiment regarding > DNSSEC. The idea is for everyone to try using DNSSEC-enabled > clients during the plenary session. I like the idea. What do > others think? I think it is a wonderful idea. I must have a DNSSEC-enabled client for WinXP floating around here somewhere (not a browser extension, but something my email and Jabber clients can call and that has a well-sorted-out UI to deal with verification failures). I also assume those clients will be performing validation against a signed root zone, signed ORG, COM, and several national ccTLD zones, signed IETF.ORG, IAB.ORG, RFC-EDITOR.ORG, and IANA.ORG zones, etc. Do you have a plan about who is going to supply the low-velocity flying pigs for this meeting? Perhaps we could get them to listen for DNS queries and cache and transport responses. Sorry for the sarcasm, but some operational reality would be a good idea for ideas like this. john _______________________________________________ Ietf@xxxxxxxx https://www.ietf.org/mailman/listinfo/ietf