nanog mailing list archives
Re: wrt joao damas' DLV talk on wednesday
From: "william(at)elan.net" <william () elan net>
Date: Mon, 12 Jun 2006 15:49:45 -0700 (PDT)
On Mon, 12 Jun 2006, Randy Bush wrote:
what is the security policy that isc plans to use over the content of the isc dlv registry? and how will the dvl trust key roll-over and revocation be handled? if the above can not be very clearly answered (by isc?), then this proposal is techno-political hubris at best.yes, or an interesting proof-of-concept that can be taken-up and completed by someone else.actually, i suspect that the issues of dlv are exactly those of iana root signing, key management and tld signature policy. and hence dlv is hoisted on the same petard it attempts to avoid, and then devolves to a simple power play of isc vs iana with neither having a good answer to the real technical and security issues.
Unless I misunderstood the issues are not some-kind of power-play butthat in order to use DNSSEC right now you need to be within the zone/TLD that itself is using DNSSEC and these are almost non-existent right now with zone maintainers unwilling to take necessary financial and other risks associated with upgrading to fully support DNSSEC. So DLV offers potential for individual domain owners to start using DNSSEC without waiting for the registry operator of their domain's TLD or SLD.
This seems good to me and I'm happy ISC as non-profit organization is taking the initiative as I don't want the same situation as waswith domains and certificates at the end of 1990s where profit-driven companies were acting as virtual monopoly in domain business.
-- William Leibzon Elan Networks william () elan net
Current thread:
- Re: wrt joao damas' DLV talk on wednesday, (continued)
- Re: wrt joao damas' DLV talk on wednesday Edward Lewis (Jun 13)
- Re: [nanog] Re: wrt joao damas' DLV talk on wednesday Dan Mahoney, System Admin (Jun 14)
- Re: wrt joao damas' DLV talk on wednesday David W. Hankins (Jun 13)
- Re: wrt joao damas' DLV talk on wednesday Michael . Dillon (Jun 12)
- Re: wrt joao damas' DLV talk on wednesday Todd Underwood (Jun 12)
- Re: wrt joao damas' DLV talk on wednesday Randy Bush (Jun 12)
- Re: wrt joao damas' DLV talk on wednesday Todd Underwood (Jun 12)
- Re: wrt joao damas' DLV talk on wednesday Randy Bush (Jun 12)
- Re: wrt joao damas' DLV talk on wednesday David Conrad (Jun 12)
- Re: wrt joao damas' DLV talk on wednesday Paul Vixie (Jun 12)
- Re: wrt joao damas' DLV talk on wednesday william(at)elan.net (Jun 12)
- Re: wrt joao damas' DLV talk on wednesday Paul Vixie (Jun 13)
- Re: wrt joao damas' DLV talk on wednesday Randy Bush (Jun 13)
- howto deploy DNSSEC [was: Re: wrt joao damas' DLV talk on wednesday] Rick Wesson (Jun 13)
- Re: howto deploy DNSSEC [was: Re: wrt joao damas' DLV talk on wednesday] Randy Bush (Jun 13)
- Re: wrt joao damas' DLV talk on wednesday Lucy E. Lynch (Jun 14)
- Re: wrt joao damas' DLV talk on wednesday Michael . Dillon (Jun 14)
- Re: wrt joao damas' DLV talk on wednesday Paul Vixie (Jun 14)
- Re: wrt joao damas' DLV talk on wednesday Randy Bush (Jun 14)