This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/[email protected]/
[dns-wg] What about the last mile, was: getting DNSSEC deployed
- Previous message (by thread): [dns-wg] What about the last mile, was: getting DNSSEC deployed
- Next message (by thread): [dns-wg] What about the last mile, was: getting DNSSEC deployed
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Peter Koch
pk at DENIC.DE
Fri Feb 16 14:26:10 CET 2007
On Fri, Feb 16, 2007 at 10:20:58AM +0000, Lutz Donnerhacke wrote: > The win will be much better if the root where signed (because the resolver > knows which TLD does not exists from cache), so that stetting up a signed > root for outself is a probable project in the near future. If lowering response times for QNAMEs falling into non-existent TLDs (or reducing garbage sent to the root servers) is your goal, why wait for DNSSEC? Just make your recursive server authoritative for the root zone (all caveats apply) and be done. I'm neither questioning nor recommending this approach, but I'm a bit concerned to see side effects (real or perceived) sold as benefits for DNSSEC, where these benefits don't exist. -Peter
- Previous message (by thread): [dns-wg] What about the last mile, was: getting DNSSEC deployed
- Next message (by thread): [dns-wg] What about the last mile, was: getting DNSSEC deployed
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
[ dns-wg Archives ]