[95653] in North American Network Operators' Group

home help back first fref pref prev next nref lref last post

Re: America takes over DNS

daemon@ATHENA.MIT.EDU (Gadi Evron)
Sun Apr 1 12:23:04 2007

Date: Sun, 1 Apr 2007 10:46:55 -0500 (CDT)
From: Gadi Evron <ge@linuxbox.org>
To: David Conrad <drc@virtualized.org>
Cc: "J. Oquendo" <sil@infiltrated.net>, nanog@merit.edu
In-Reply-To: <7894F789-5250-4A0B-A787-C0A2252D589A@virtualized.org>
Errors-To: owner-nanog@merit.edu


On Sun, 1 Apr 2007, David Conrad wrote:
> 
> Hi,
> 
> On Apr 1, 2007, at 6:54 AM, J. Oquendo wrote:
> > Summary:
> 
> Confusion resulting from hearsay and extrapolations.
> 
> > The "key-signing key" signs the zone key, which is held by VeriSign.
> 
> Except that the root zone hasn't been signed and there are no plans I  
> am aware of do so (and I think I'd probably know).  In one possible  
> scenario, VeriSign would hold the zone signing key which would be  
> signed by the key signing key.  Who holds the KSK hasn't been  
> established.
> 
> However, in reality, nothing would change.  Even if the root were to  
> be signed, who signs it doesn't really matter -- the USG already must  
> approve any changes made to the root zone.

And of course, it can only approve "Willing changes".

> 
> Rgds,
> -drc
> 


home help back first fref pref prev next nref lref last post