[dns-operations] .ORG DS in root zone

Edward Lewis Ed.Lewis at neustar.biz
Sun Jul 25 08:32:51 UTC 2010

At 5:51 +0000 7/24/10, <bmanning at vacation.karoshi.com> wrote:

>	well... what is the policy here?  perhaps PIR wants
>	folks to have access to their TA directly.  recommending
>	a course of action w/o understanding the intended policy
>	seems a bit dubious to me.

This is a case of forgetting that DNSSEC is about protecting the 
cache and not protecting the source of the information.

"What is the policy here?"  Local policy rules.

It's not what $operator (=PIR here) "wants" it is how does the cache 
protect itself.
Edward Lewis
NeuStar                    You can leave a voice message at +1-571-434-5468

Spouses, like Internet protocols, lack necessary troubleshooting tools. Sigh.

More information about the dns-operations mailing list