[dns-operations] Root DNSSEC key attestation
Matt Larson
mlarson at verisign.com
Fri Jul 16 13:34:04 UTC 2010
Now that the root zone is signed for real and the trust anchor has
been published, I'd like to go on record with the statement below,
doing my small part to add third-party community trust to the root's
key. That statement is recorded for posterity on the Ask Mr. DNS web
site at http://www.ask-mrdns.com/misc/root-key-attestation.asc.
At this point, please allow me to insert a shameless plug for the Ask
Mr. DNS podcast, in which my good friend, Cricket Liu, and I answer
DNS questions and talk about things DNS (and things not DNS).
I was fortunate enough to be present when the root key was generated
and I talk about the experience a bit in our latest episode:
http://www.ask-mrdns.com/2010/07/episode-17/
If your reaction to this message is, "That sounds like a great podcast
and I must subscribe immediately!", then I have just the URL for you:
http://www.ask-mrdns.com/feed/rss/
Finally, if you have a question for Mr. DNS to answer, he can always
be reached at mrdns at ask-mrdns.com.
Matt
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On June 16, 2010, I witnessed the generation of the first root zone
key-signing key in the first key ceremony held by ICANN, the IANA
functions operator, at its key ceremony facility in Culpeper, VA.
I attest that the following DS record corresponds to the key generated
at that ceremony:
. IN DS 19036 8 2 49AAC11D7B6F6446702E54A1607371607A1A41855200FD2CE1CDDE32F24E8FB5
The canonical location of the root zone trust anchor information is
http://data.iana.org/root-anchors. Also included there are supporting
material and explanatory documentation.
Matt Larson
July 16, 2010
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (Darwin)
iQEVAwUBTEBXbNdGiUJktOYBAQK5vwf8D+XT5Tfy71Ifx6UT8Fkwx0CDsbMrt61x
uWswx8+49q70YzfCXaXtcH2obiIBQzzoz08idydVFysyDzbcrhuKbgN5T4H2JLDp
gUVhUWi67yYWaXASNlG+YGsP5H/KDV501Fd49H3DSnJkWj2NV+3Uoybq1mueFHEZ
ZLiFF7ew1kiaHvFBxybQ9jbcZrdeUf8fSIKZURSJFDsmnnIm4SIs2+23sZhhfmPm
CG7DG8BT0wqEhopne0JUIaeW6fj14mLg4yAhU+eXe8kNIyh1mHmQhHF+1YCHI0kG
Yb3o+EmdL7SPLlkdP36KkZdTevM891fN7B/TeD8bTcnxMUmK+9avyQ==
=7fmP
-----END PGP SIGNATURE-----
More information about the dns-operations
mailing list