Hi Phil, On Tue, Aug 31, 2010 at 11:02 AM, Phillip Hallam-Baker <hallam@xxxxxxxxx> wrote: > Whether or not the IAB zone is signed is of negligible consequence. > > But the fact that the IAB zone signatures had expired is a highly > significant data point: DNSSEC administration is not quite as easy as > some of the glib claims of its more enthusiastic supporters would lead > one to believe. Sounds like a straw man to me. Can you provide a pointer to some of these glib claims? For years I have been hearing, correctly I believe, that lack of logistical and administrative tools and support for DNSSEC was the main problem slowing deployment. Recent developments like RFC 5011 (Automated Updates of DNS Security (DNSSEC) Trust Anchors) have improved things a lot. And, as an original architect of DNSSEC, I admit that the early proposal set was deficient in this area. Donald > On Tue, Aug 31, 2010 at 10:36 AM, Glen Barney (AMS) <glen@xxxxxxxx> wrote: >> Community - >> >> The DNS zone files have been re-signed, and we will look into alternatives to >> the original DNSSEC tools that were in use (which seem to be broken.) >> >> And just a reminder that, while posting complaints to this list might feel >> more therapeutic, the secretariat has an address set up for trouble reports, >> which is ietf-action@xxxxxxxx . Sending complaints to that address will >> generally get much faster results. >> >> Thank you! >> >> Glen >> Glen Barney >> IT Director >> AMS (IETF Secretariat) >> >> _______________________________________________ >> Ietf mailing list >> Ietf@xxxxxxxx >> https://www.ietf.org/mailman/listinfo/ietf _______________________________________________ Ietf mailing list Ietf@xxxxxxxx https://www.ietf.org/mailman/listinfo/ietf