[dns-operations] .Org DNSSEC key management policy feedback
joao at bondis.org
Mon Jun 22 16:42:24 UTC 2009
yes, but with an IANA key
On 22 Jun 2009, at 18:29, Roy Arends wrote:
> On Jun 22, 2009, at 7:34 PM, João Damas wrote:
>> you mean DNSSEC-signed. I would be happy with a PGP signature on
>> the file, to be honest
> for instance
> Kind regards,
>> On 21 Jun 2009, at 16:50, David Conrad wrote:
>>> On Jun 20, 2009, at 11:38 PM, George Barwood wrote:
>>>> (2) "the public will need to update their validating resolvers
>>>> with the new public portion of the .ORG zone key."
>>>> Surely not? Won't the .ORG DS record be published by IANA?
>>> Yes, but until the root is signed, people will still need to
>>> update their trust anchors to reflect all the islands of trust,
>>> including the TLDs, they want to validated.
>>> dns-operations mailing list
>>> dns-operations at lists.dns-oarc.net
>> dns-operations mailing list
>> dns-operations at lists.dns-oarc.net
More information about the dns-operations