Re: Let's move on - Let's DNSCurve Re: DNSSEC is NOT secure end to end

ietf

Re: Let's move on - Let's DNSCurve Re: DNSSEC is NOT secure end to end

2009-06-11 22:32:42

Hi,

On Jun 11, 2009, at 8:35 PM, Stephen Kent wrote:

But, in a DNSSEC environment, IANA performs two roles:

- it coordinates the info from the gTLDs and ccTLDs andconstructs

          the authoritative root zone file
        - it signs the records of that file


Nope.  Just to clarify things:

IANA (well, ICANN as the IANA functions operator) receives andvalidates root zone changes.

VeriSign constructs and publishes the root zone to the root serveroperators.

In the context of DNSSEC, as documented at http://www.icann.org/en/announcements/announcement-2-03jun09-en.htm, VeriSign will have operational responsibility for the zone signingkey and ICANN will manage the key signing process.


Regards,
-drc

_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
Re: Let's move on - Let's DNSCurve Re: DNSSEC is NOT secure end to end, (continued) Re: Let's move on - Let's DNSCurve Re: DNSSEC is NOT secure end to end, Phillip Hallam-Baker Re: Let's move on - Let's DNSCurve Re: DNSSEC is NOT secure end to end, Masataka Ohta Re: Let's move on - Let's DNSCurve Re: DNSSEC is NOT secure end to end, Phillip Hallam-Baker Re: Let's move on - Let's DNSCurve Re: DNSSEC is NOT secure end to end, Masataka Ohta Re: Let's move on - Let's DNSCurve Re: DNSSEC is NOT secure end to end, Phillip Hallam-Baker Re: Let's move on - Let's DNSCurve Re: DNSSEC is NOT secure end to end, Masataka Ohta Re: Let's move on - Let's DNSCurve Re: DNSSEC is NOT secure end to end, Phillip Hallam-Baker Re: Let's move on - Let's DNSCurve Re: DNSSEC is NOT secure end to end, Masataka Ohta Re: Let's move on - Let's DNSCurve Re: DNSSEC is NOT secure end to end, Phillip Hallam-Baker Re: Let's move on - Let's DNSCurve Re: DNSSEC is NOT secure end to end, Stephen Kent Re: Let's move on - Let's DNSCurve Re: DNSSEC is NOT secure end to end, David Conrad <= Re: Let's move on - Let's DNSCurve Re: DNSSEC is NOT secure end to end, Stephen Kent Re: Let's move on - Let's DNSCurve Re: DNSSEC is NOT secure end to end, Florian Weimer Message not available Re: Let's move on - Let's DNSCurve Re: DNSSEC is NOT secure end to end, Phillip Hallam-Baker Re: Let's move on - Let's DNSCurve Re: DNSSEC is NOT secure end to end, Florian Weimer

Previous by Date:	Re: Let's move on - Let's DNSCurve Re: DNSSEC is NOT secure end to end, Stephen Kent
Next by Date:	Re: Let's move on - Let's DNSCurve Re: DNSSEC is NOT secure end to end, Mark Andrews
Previous by Thread:	Re: Let's move on - Let's DNSCurve Re: DNSSEC is NOT secure end to end, Stephen Kent
Next by Thread:	Re: Let's move on - Let's DNSCurve Re: DNSSEC is NOT secure end to end, Stephen Kent
Indexes:	[Date] [Thread] [Top] [All Lists]