[dns-operations] [DNSSEC] Venezuela ccTLD broken

Mark Andrews marka at isc.org
Thu Jul 20 21:27:29 UTC 2023


On a similar issue, why aren’t the root servers all implementing DNS COOKIES as it provides clients protection from spoofed referrals?

-- 
Mark Andrews

> On 21 Jul 2023, at 03:16, David Conrad <drc at virtualized.org> wrote:
> 
> Hi,
> 
>> On Jul 20, 2023, at 7:29 AM, Viktor Dukhovni <ietf-dane at dukhovni.org> wrote:
>> Finally, for the RSAC (yes not the right forum to formally lodge the
>> question), should the root zone DS TTL still be 1 day?  Would a change
>> to one hour be acceptable (aligning with it with the practice of many
>> TLDs and aiding in more time recovery from mistakes)?
> 
> 
> Haven’t thought about the implications enough to comment on the idea, however instead of RSSAC, this sounds to me like a question for RZERC to (eventually) weigh in on. In the Byzantine world of ICANN, it would need to be brought to RZERC by "any of [RZERC’s] members, PTI staff, or by the Customer Standing Committee (CSC)”, many of which are on this mailing list.
> 
> Regards,
> -drc
> 
> _______________________________________________
> dns-operations mailing list
> dns-operations at lists.dns-oarc.net
> https://lists.dns-oarc.net/mailman/listinfo/dns-operations
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/octet-stream
Size: 833 bytes
Desc: not available
URL: <https://lists.dns-oarc.net/pipermail/dns-operations/attachments/20230721/05dd3bab/attachment.obj>


More information about the dns-operations mailing list