Hi Phil,
On Tue, Aug 31, 2010 at 11:02 AM, Phillip Hallam-Baker
<hallam(_at_)gmail(_dot_)com> wrote:
Whether or not the IAB zone is signed is of negligible consequence.
But the fact that the IAB zone signatures had expired is a highly
significant data point: DNSSEC administration is not quite as easy as
some of the glib claims of its more enthusiastic supporters would lead
one to believe.
Sounds like a straw man to me. Can you provide a pointer to some of
these glib claims?
For years I have been hearing, correctly I believe, that lack of
logistical and administrative tools and support for DNSSEC was the
main problem slowing deployment. Recent developments like RFC 5011
(Automated Updates of DNS Security (DNSSEC) Trust Anchors) have
improved things a lot. And, as an original architect of DNSSEC, I
admit that the early proposal set was deficient in this area.
Donald
On Tue, Aug 31, 2010 at 10:36 AM, Glen Barney (AMS)
<glen(_at_)amsl(_dot_)com> wrote:
Community -
The DNS zone files have been re-signed, and we will look into alternatives to
the original DNSSEC tools that were in use (which seem to be broken.)
And just a reminder that, while posting complaints to this list might feel
more therapeutic, the secretariat has an address set up for trouble reports,
which is ietf-action(_at_)ietf(_dot_)org . Sending complaints to that
address will
generally get much faster results.
Thank you!
Glen
Glen Barney
IT Director
AMS (IETF Secretariat)
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf