This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/[email protected]/
[dns-wg] Re: DNSSEC - DS RR provisioning
- Previous message (by thread): [dns-wg] Re: DNSSEC - DS RR provisioning
- Next message (by thread): [dns-wg] DNSSEC - DS RR provisioning
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Mathieu Arnold
mat at mat.cc
Tue Nov 17 00:45:08 CET 2009
+--On 14 novembre 2009 10:52:00 +0900 Stephane Bortzmeyer <bortzmeyer at nic.fr> wrote: | On Fri, Nov 13, 2009 at 05:57:36PM -0500, | Paul Wouters <paul at xelerance.com> wrote | a message of 15 lines which said: | |> Only if you're willing to wait 2 years on .com to get signed. | | If you have a ".com", you will need to wait for ".com" to be signed + | for ".com" to accept DS records (for most TLD which were signed, there | was a non-trivial delay here) + for your registrar to accept and relay | DS records (the experience with AAAA glue records makes me pessimistic | here). | | So, yes, saying we won't need DLV after the root is signed is | short-sighted. Ok, I should have been more specific, I meant when the root is signed and I can verify the signatures all the way down. Of course DLV will be very useful in the years to come. -- Mathieu Arnold who's just had to remove DNSSEC from a few zones because of qmail.
- Previous message (by thread): [dns-wg] Re: DNSSEC - DS RR provisioning
- Next message (by thread): [dns-wg] DNSSEC - DS RR provisioning
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
[ dns-wg Archives ]