Re: Proposed DNSSEC Plenary Experiment for IETF 74

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Wed, Nov 26, 2008 at 10:50:56AM -0500, Russ Housley wrote:
> I have been approached about a plenary experiment regarding 
> DNSSEC.  The idea is for everyone to try using DNSSEC-enabled clients 
> during the plenary session.  I like the idea.  What do others think?

I agree with others' views that validation alone is not very helpful and
some frequently queried for domains' zones should be signed as part of that
experiment.  By IETF74, the IANA (I)TAR might also be available as one
source of TLD trust anchors.
Still that date might be too early to encourage end system validation, so
adding validation and an "interesting" set of TAs to the meeting's recursive
name servers is another option, even if on the WLAN we can't trust the path
between stub and recursive resolver.  However, I'd hope the limited time
did not imply the proponent(s) offered a demonstration during the plenary ...

Central resolvers would also provide for "easy" access to raw data for
statistics purposes.

-Peter
_______________________________________________

Ietf@xxxxxxxx
https://www.ietf.org/mailman/listinfo/ietf

[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Fedora Users]