Re: Historic Moment - Root zone of the Internet was just signed minutes ago!!!

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



In message <AANLkTikni86AOABGKIB1_jOeQe0Ou4swpGrS8H1MbmrQ@xxxxxxxxxxxxxx>, Phil
lip Hallam-Baker writes:
> Being able to verify signatures is of no value.
> 
> The system only has value when you can act differently according to
> whether the signature verifies or not.
> 
> I keep asking, but nobody will tell me how I get the keys for my
> domains into the TLD.

Firstly you get DS records into the TLD not DNSKEY records.  Secondly
it is/will be by a mechanism similar to how you get NS records into
the TLD.  In other words go ask your registrar when they are going
to support adding DS records and stop complaining here.

This is not a technological problem.  It is a business problem
between you, your registrar and the registry.
 
> This is not a trivial issue. There is a question of liability to be
> addressed. So far ICANN and VeriSign Registry Services have addressed
> the issue by booting it down the chain. But the system as a whole
> cannot work until there is someone willing to accept the liability and
> for that to happen they are going to require tools to manage their
> litigation risk.

How is the liability different from that of accepting NS records?
DS records don't magically change the liability.  Stuffing up either
NS or DS records will break the delegation.

> Does anyone know of a dotcom registrar offering key signing?
> 
> Or is the big plan here that everyone who is not going to accept
> liability keep complaining about how far behind the registrars are
> until they are forced to act?
 
Mark
-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: marka@xxxxxxx
_______________________________________________
Ietf mailing list
Ietf@xxxxxxxx
https://www.ietf.org/mailman/listinfo/ietf


[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Fedora Users]