--On Wednesday, 26 November, 2008 10:50 -0500 Russ Housley
<housley(_at_)vigilsec(_dot_)com> wrote:
I have been approached about a plenary experiment regarding
DNSSEC. The idea is for everyone to try using DNSSEC-enabled
clients during the plenary session. I like the idea. What do
others think?
I think it is a wonderful idea.
I must have a DNSSEC-enabled client for WinXP floating around
here somewhere (not a browser extension, but something my email
and Jabber clients can call and that has a well-sorted-out UI to
deal with verification failures).
I also assume those clients will be performing validation
against a signed root zone, signed ORG, COM, and several
national ccTLD zones, signed IETF.ORG, IAB.ORG, RFC-EDITOR.ORG,
and IANA.ORG zones, etc.
Do you have a plan about who is going to supply the low-velocity
flying pigs for this meeting? Perhaps we could get them to
listen for DNS queries and cache and transport responses.
Sorry for the sarcasm, but some operational reality would be a
good idea for ideas like this.
john
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf