[127846] in North American Network Operators' Group
Re: Root Zone DNSSEC Deployment Technical Status Update
daemon@ATHENA.MIT.EDU (Edward Lewis)
Fri Jul 16 11:37:11 2010
In-Reply-To: <20100716145315.GA19935@ussenterprise.ufp.org>
Date: Fri, 16 Jul 2010 11:36:47 -0400
To: Leo Bicknell <bicknell@ufp.org>
From: Edward Lewis <Ed.Lewis@neustar.biz>
Cc: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
At 7:53 -0700 7/16/10, Leo Bicknell wrote:
>Perhaps you could explain why the keys are being made available in
>formats that, as far as I can tell, no nameserver software on the
>planet uses?
(My guess:)
There's no standard input format for name servers, especially
regarding configuration information. The problem isn't (just) that
the root anchor isn't in the format for any name server, the problem
is that name servers can't read the formats given.
If you want it for BIND, for example, ISC would be the place to get
it in the "trusted-keys" syntax.
--
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Edward Lewis
NeuStar You can leave a voice message at +1-571-434-5468
Spouses, like Internet protocols, lack necessary troubleshooting tools. Sigh.
