[dns-operations] .Org DNSSEC key management policy feedback
bmanning at vacation.karoshi.com
bmanning at vacation.karoshi.com
Sun Jun 21 15:24:20 UTC 2009
On Sun, Jun 21, 2009 at 07:50:47AM -0700, David Conrad wrote:
> George,
>
> On Jun 20, 2009, at 11:38 PM, George Barwood wrote:
> >(2) "the public will need to update their validating resolvers with
> >the new public portion of the .ORG zone key."
> >
> >Surely not? Won't the .ORG DS record be published by IANA?
>
> Yes, but until the root is signed, people will still need to update
> their trust anchors to reflect all the islands of trust, including the
> TLDs, they want to validated.
>
> Regards,
> -drc
>
even then, they might want to keep the .ORG key
--bill
More information about the dns-operations
mailing list