[dns-operations] Forgery resilience idea - wildcard cooperative defense

Shane Kerr shane at ca.afilias.info
Fri Aug 8 07:28:33 UTC 2008


On Thu, 2008-08-07 at 21:16 +0000, Lutz Donnerhacke wrote:
> * Andrew Sullivan wrote:
> > I would be pretty nervous about using DNSSEC in a top level zone that
> > had only one registrar supporting it.  Registrars go out of business,
> > and 1-1 is 0.  It'd be rather bad news if your DNSSEC-enable zone
> > suddenly couldn't be managed.
> *Taking the AtLarge member hat*
> ICANN deals with this problem and has a sufficent proposal on the queue.
> Please comment it.
> *Dropping the AtLarge member hat*

URL please?


More information about the dns-operations mailing list