nanog mailing list archives
Re: hat tip to .gov hostmasters
From: Colin Alston <karnaugh () karnaugh za net>
Date: Mon, 22 Sep 2008 17:02:47 +0200
Florian Weimer wrote:
* Jason Frisvold:On Mon, Sep 22, 2008 at 10:34 AM, Scott Francis <darkuncle () gmail com> wrote:nice to see a wholesale DNSSEC rollout underway (I must confess to being a little surprised at the source, too!). Granted, it's a much more manageable problem set than, say, .com - but if one US-controlled TLD can do it, hope is buoyed for a .com rollout sooner rather than later (although probably not much sooner :)).I'm not much up on DNSSEC, but don't you need to be using a resolver that recognizes DNSSEC in order for this to be useful?Correct, you need a validating, security-aware stub resolver, or the ISP needs to validate the records for you.
In public space like .com, don't you need some kind of central trustworthy CA?
Current thread:
- hat tip to .gov hostmasters Scott Francis (Sep 22)
- Re: hat tip to .gov hostmasters Jason Frisvold (Sep 22)
- Re: hat tip to .gov hostmasters Florian Weimer (Sep 22)
- Re: hat tip to .gov hostmasters Colin Alston (Sep 22)
- Re: hat tip to .gov hostmasters Florian Weimer (Sep 22)
- RE: hat tip to .gov hostmasters marcus.sachs (Sep 22)
- Re: hat tip to .gov hostmasters Florian Weimer (Sep 22)
- Re: hat tip to .gov hostmasters bmanning (Sep 22)
- Re: hat tip to .gov hostmasters Edward Lewis (Sep 22)
- Re: hat tip to .gov hostmasters bmanning (Sep 22)
- Re: hat tip to .gov hostmasters Florian Weimer (Sep 22)
- Re: hat tip to .gov hostmasters Mark Andrews (Sep 22)
- Re: hat tip to .gov hostmasters Jason Frisvold (Sep 22)
- RE: hat tip to .gov hostmasters Keith Medcalf (Sep 22)
- Re: hat tip to .gov hostmasters Florian Weimer (Sep 22)
- RE: hat tip to .gov hostmasters Keith Medcalf (Sep 22)