[84383] in North American Network Operators' Group
RE: DNSSEC in public
daemon@ATHENA.MIT.EDU (Christopher L. Morrow)
Mon Sep 12 11:41:15 2005
Date: Mon, 12 Sep 2005 15:40:39 +0000 (GMT)
From: "Christopher L. Morrow" <christopher.morrow@mci.com>
In-reply-to: <0a2401c5b79e$7bf3acd0$6503a8c0@Marc4>
To: "Marcus H. Sachs" <marc@sachsfamily.net>
Cc: "'Dan Mahoney, System Admin'" <danm@prime.gushi.org>,
nanog@nanog.org
Errors-To: owner-nanog@merit.edu
On Mon, 12 Sep 2005, Marcus H. Sachs wrote:
>
> Dan, check out http://www.dnssec-deployment.org/
>
also Sparta has:
http://www.dnssec-tools.org/
and from some other place:
http://www.dnssec.net/ (no idea about quality on this, but it does
mention RIPE including an 'howto dnssec' :) )
Perhaps one or more of these will de-mystify the dns-sec issue? :)
> -----Original Message-----
> From: owner-nanog@merit.edu [mailto:owner-nanog@merit.edu] On Behalf Of Dan
> Mahoney, System Admin
> Sent: Monday, September 12, 2005 6:15 AM
> To: nanog@nanog.org
> Subject: DNSSEC in public
>
>
>
> In response to a recent question I saw regarding DNSSEC on RIPE domains,
> I'd like to ask if there's any sort of draft or standard that anyone knows
> about for doing DNSSEC in the public, using either a "root" key and/or
> possibly having master keys pulished in WHOIS?
>
> I see a very experimental thing Verisign is doing for the .net zone, and
> also for some other opt-in zone, but I'm sure that's highly experimental
> at this point.
>
> I guess my question is: is there even something up for discussion at this
> point? I know it's early in the game.
>
> Thanks
>
> Dan
>
> --
>
> "I can feel it, comin' back again...Like a rolling thunder chasin' the
> wind..."
>
> -Dan Mahoney, JS, JB & SL, May 10th, 1997, Approx 1AM
>
> --------Dan Mahoney--------
> Techie, Sysadmin, WebGeek
> Gushi on efnet/undernet IRC
> ICQ: 13735144 AIM: LarpGM
> Site: http://www.gushi.org
> ---------------------------
>
