This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/[email protected]/

[dns-wg] NTIA and RIPE

Previous message (by thread): [dns-wg] NTIA and RIPE
Next message (by thread): [dns-wg] NTIA and RIPE

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

John Schnizlein schnizlein at isoc.org
Wed Oct 29 17:04:57 CET 2008

Since I pushed on this subject, maybe my perspective is useful.

Signing a TLD or higher zone is pretty pointless unless it contains DS  
records.  It is really important that the process for the child to  
maintain the DS record in the parent zone be as easy as possible.  At  
the root, where literally everybody comes together, the opportunity  
for getting this wrong is large.

For example, a TLD operator might have good reason that it chooses not  
to reveal to want to change its KSK quickly.  The process for signing  
the root should make this as easy as possible.

John

On 2008Oct29, at 7:30 PM, Edward Lewis wrote:
>>
>> F - Policies and processes for signing the root zone should make it  
>> easy
>> for TLDs to participate.
>
> As someone employed by a TLD registry, it's not clear to me how or  
> why such rather internal matters of the root zone matter to my job.  
> Again, not saying this is a bad statement, but it begs for more  
> detail or direction.
>
> I am not saying that the policies and processes for signing the root  
> should be closed to the public.  I just don't see the relevance to  
> the TLD.

Previous message (by thread): [dns-wg] NTIA and RIPE
Next message (by thread): [dns-wg] NTIA and RIPE

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

[ dns-wg Archives ]