-----Original Message-----
From: ietf-bounces(_at_)ietf(_dot_)org
[mailto:ietf-bounces(_at_)ietf(_dot_)org] On
Behalf Of Joe Abley
Sent: Thursday, February 25, 2010 1:06 PM
To: Tony Finch
Cc: Phillip Hallam-Baker; IETF Discussion
Subject: Re: DNSCurve vs. DNSSEC - FIGHT! (was OpenDNS today
announced ithas adopted DNSCurve to secure DNS)
On 2010-02-24, at 15:50, Tony Finch wrote:
On Wed, 24 Feb 2010, Shane Kerr wrote:
DNSSEC declares out of scope:
* the channel where DS records get added to the parent
Is that actually out of scope or just not specified yet?
The whole channel from end-user (registrant) to registry
cannot usefully be specified in any general way because there
is no consistent way of interacting with a registrar (in the
name of open competition) and no consistent
registry-registrar-registrant structure across all TLDs (for
reasons that surely would require more than one parenthetical
phrase to describe adequately).
The component that concerns communication between a registry
and a registrar does have one solution that has been
standardised in the IETF, however, which is being implemented
at some TLDs, I hear.
http://www.ietf.org/rfc/rfc4310.txt
Implementation experience has uncovered some deficiencies in 4310. A
proposal to address the deficiences is being developed as an individual
submission:
http://www.ietf.org/id/draft-gould-rfc4310bis-05.txt
Scott
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf