[dns-operations] .Org DNSSEC key management policy feedback

bmanning at vacation.karoshi.com bmanning at vacation.karoshi.com
Sun Jun 21 15:24:20 UTC 2009

On Sun, Jun 21, 2009 at 07:50:47AM -0700, David Conrad wrote:
> George,
> On Jun 20, 2009, at 11:38 PM, George Barwood wrote:
> >(2) "the public will need to update their validating resolvers with  
> >the new public portion of the .ORG zone key."
> >
> >Surely not? Won't the .ORG DS record be published by IANA?
> Yes, but until the root is signed, people will still need to update  
> their trust anchors to reflect all the islands of trust, including the  
> TLDs, they want to validated.
> Regards,
> -drc

	even then, they might want to keep the .ORG key

More information about the dns-operations mailing list