The U.S. National Telecommunications and Information Administration (NTIA) is soliciting comments on signing the DNSSEC root. Ignore the caption on the page: this is not about DNSSEC deployment, which is already happening just fine. It's about who gets to sign the root zone.
A handful of us DNSSEC dweebs wrote a response that emphasizes the technical need to start signing sooner rather than later, and strongly supports signing by either of the parties who are already trusted to put information into the root—IANA or the root zone operators. My name is on the 'From:' line simply because I was the one to email it to the NTIA. I wrote the first draft of the document, but other signers did some serious editing before we turned it in.
We hope that this will help NTIA feel more at ease about moving forwards quickly without agonizing about all the different people who want to hold the keys.
Source:circleid.com/posts/20081113_proposal_signing_dnssec_root_zone
Search DNSSEC Blog
DNSSEC NEWSFLASH
Sunday, November 16, 2008
Proposal for Signing the DNSSEC Root
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment