In response to a recent question I saw regarding DNSSEC on RIPE domains, I'd like to ask if there's any sort of draft or standard that anyone knows about for doing DNSSEC in the public, using either a "root" key and/or possibly having master keys pulished in WHOIS? I see a very experimental thing Verisign is doing for the .net zone, and also for some other opt-in zone, but I'm sure that's highly experimental at this point. I guess my question is: is there even something up for discussion at this point? I know it's early in the game. Thanks Dan -- "I can feel it, comin' back again...Like a rolling thunder chasin' the wind..." -Dan Mahoney, JS, JB & SL, May 10th, 1997, Approx 1AM --------Dan Mahoney-------- Techie, Sysadmin, WebGeek Gushi on efnet/undernet IRC ICQ: 13735144 AIM: LarpGM Site: http://www.gushi.org ---------------------------