Dan, check out http://www.dnssec-deployment.org/ Marc Marcus H. Sachs, P.E. SRI International 1100 Wilson Blvd Suite 2800 Arlington VA 22209 www.hsarpacyber.com -----Original Message----- From: owner-nanog@merit.edu [mailto:owner-nanog@merit.edu] On Behalf Of Dan Mahoney, System Admin Sent: Monday, September 12, 2005 6:15 AM To: nanog@nanog.org Subject: DNSSEC in public In response to a recent question I saw regarding DNSSEC on RIPE domains, I'd like to ask if there's any sort of draft or standard that anyone knows about for doing DNSSEC in the public, using either a "root" key and/or possibly having master keys pulished in WHOIS? I see a very experimental thing Verisign is doing for the .net zone, and also for some other opt-in zone, but I'm sure that's highly experimental at this point. I guess my question is: is there even something up for discussion at this point? I know it's early in the game. Thanks Dan -- "I can feel it, comin' back again...Like a rolling thunder chasin' the wind..." -Dan Mahoney, JS, JB & SL, May 10th, 1997, Approx 1AM --------Dan Mahoney-------- Techie, Sysadmin, WebGeek Gushi on efnet/undernet IRC ICQ: 13735144 AIM: LarpGM Site: http://www.gushi.org ---------------------------