|
|
|
|
|
|
|
|
|
|
|
|
| home | help | back | first | fref | pref | prev | next | nref | lref | last | post |
To: "Goltz, Jim (NIH/CIT) [E]" <jgoltz@mail.nih.gov> In-Reply-To: Your message of "Mon, 22 Sep 2008 11:42:33 EDT." <A29D7E1CDB780A42B3AC0F5B8219F4CB34A186@NIHCESMLBX3.nih.gov> Date: Mon, 22 Sep 2008 09:53:56 -0700 From: "Kevin Oberman" <oberman@es.net> X-To: "Goltz, Jim (NIH/CIT) [E]" <jgoltz@mail.nih.gov> Cc: nanog@nanog.org Errors-To: nanog-bounces@nanog.org --==_Exmh_1222102436_41784P Content-Type: text/plain; charset=us-ascii Content-Disposition: inline > Date: Mon, 22 Sep 2008 11:42:33 -0400 > From: "Goltz, Jim (NIH/CIT) [E]" <jgoltz@mail.nih.gov> > > > nice to see a wholesale DNSSEC rollout underway (I must confess to > > being a little surprised at the source, too!). Granted, it's a much > > more manageable problem set than, say, .com - but if one US-controlled > > TLD can do it, hope is buoyed for a .com rollout sooner rather than > > later (although probably not much sooner :)). > > It ain't done yet. > > I don't speak for the hostmasters of .gov or any subdomain thereof. > But I'll believe it when I see it. I am pretty sure that you will see it. Unlike things like the IPv6 requirement, there are no waivers available for this. '.gov' must be signed early next year and all zones delegated from the '.gov' GTLD must be signed in early 2010. I doubt that many will sign until '.gov' is signed, so you won't see much change for a few months. Now, if the DOC people responsible for root would just catch a clue, we could get that signed and have DNSSEC actually usable (except for Mr. Metcalf) in a significant part of the US network before I retire. > Remember, they've also "mandated" IPv6 support on all backbones. Yes, and the goal, relatively insignificant that it was, was met. It was not a requirement that anyone actually use IPv6, only that the agency backbone networks be able to carry IPv6. In fact, the wording was such that doing proper routing was not even really needed. Our backbone has offered IPv6 as a production service since 2002, so it was a non-effort for us. Most other agency backbones were pretty trivial to make "IPv6 capable". The problem is that only the backbone currently needs IPv6. No facility network or end host needs it, No network service needs it. No IPv6 packets, even routing updates, need to be delivered in any useful way. It was a pretty trivial goal and was met with very little effort. -- R. Kevin Oberman, Network Engineer Energy Sciences Network (ESnet) Ernest O. Lawrence Berkeley National Laboratory (Berkeley Lab) E-mail: oberman@es.net Phone: +1 510 486-8634 Key fingerprint:059B 2DDF 031C 9BA3 14A4 EADA 927D EBB3 987B 3751 --==_Exmh_1222102436_41784P Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.9 (FreeBSD) Comment: Exmh version 2.5 06/03/2002 iD8DBQFI182kkn3rs5h7N1ERAuo1AJ0ZGUa52hv6i0g/kd/9niyII1uKzQCcCGM1 alJWuNLj8FNj4x2H29RhPAE= =Dhle -----END PGP SIGNATURE----- --==_Exmh_1222102436_41784P--
|
|
|
|
|
|
|
|
|
|
|
|
| home | help | back | first | fref | pref | prev | next | nref | lref | last | post |