[dns-operations] Forgery resilience idea - wildcard cooperative defense

Lutz Donnerhacke lutz at iks-jena.de
Thu Aug 7 21:16:31 UTC 2008

* Andrew Sullivan wrote:
> I would be pretty nervous about using DNSSEC in a top level zone that
> had only one registrar supporting it.  Registrars go out of business,
> and 1-1 is 0.  It'd be rather bad news if your DNSSEC-enable zone
> suddenly couldn't be managed.

*Taking the AtLarge member hat*
ICANN deals with this problem and has a sufficent proposal on the queue.
Please comment it.
*Dropping the AtLarge member hat*

More information about the dns-operations mailing list