Re: Let's move on - Let's DNSCurve Re: DNSSEC is NOT secure end to end

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi,

On Jun 11, 2009, at 8:35 PM, Stephen Kent wrote:
But, in a DNSSEC environment, IANA performs two roles:
- it coordinates the info from the gTLDs and ccTLDs and constructs
          the authoritative root zone file
        - it signs the records of that file

Nope.  Just to clarify things:

IANA (well, ICANN as the IANA functions operator) receives and validates root zone changes.

VeriSign constructs and publishes the root zone to the root server operators.

In the context of DNSSEC, as documented at http://www.icann.org/en/announcements/announcement-2-03jun09-en.htm , VeriSign will have operational responsibility for the zone signing key and ICANN will manage the key signing process.

Regards,
-drc

_______________________________________________

Ietf@xxxxxxxx
https://www.ietf.org/mailman/listinfo/ietf

[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Fedora Users]