[dns-operations] Question to DNSSEC and DLV policy

Chris Thompson cet1 at cam.ac.uk
Thu Mar 19 14:50:32 UTC 2009

On Mar 19 2009, Keith Mitchell wrote:

>In the longer term, what policies apply and how much paperwork is
>required will depend on the individual TLD. DLV is only ever intended as
>a bootstrap mechanism until the root and TLDs are signed, at which point
>we'll be very happy to retire it as a success victim :-) 

Well, I hope you won't retire it quite that rapidly. Gaps in the
authentication chain can occur in other places. I can foresee
an all-too-likely scenario in which uk (Nominet) is signed, but
ac.uk (JANET) is not, and I would hate to be told that we could
not register cam.ac.uk in dlv.isc.org because uk was signed.

Chris Thompson               University of Cambridge Computing Service,
Email: cet1 at ucs.cam.ac.uk    New Museums Site, Cambridge CB2 3QH,
Phone: +44 1223 334715       United Kingdom.

More information about the dns-operations mailing list