In article <37864F03-56E5-4611-BDD8-567730756149(_at_)dukhovni(_dot_)org> you
On Oct 10, 2019, at 4:36 PM, John Levine <johnl(_at_)taugh(_dot_)com> wrote:
Oh, whoops, thay said, and sp.am is now signed. But with this much
effort, no wonder most other 2LDs in .am are not.
Yes, one of they key barriers to DNSSEC adoption is lack of a uniform
interface between registrant and registrar for creation and maintenance
of DS RRsets.
Not just registrant, but DNS operator. As I may have said once or
twice, I have about 100 zones where I run the DNS for someone else,
and I am not going to pretend to be my registrants to install the DS
CDS support at registries is essential to removing this roadblock to DNSSEC
adoption, by getting the registrar out of the critical path.
Unless I missed something, CDS currently only lets you update DS records,
not install them initially.
ietf-smtp mailing list