On Mon, 12 Sep 2005, Marcus H. Sachs wrote:
Dan, check out http://www.dnssec-deployment.org/
also Sparta has: http://www.dnssec-tools.org/ and from some other place: http://www.dnssec.net/ (no idea about quality on this, but it does mention RIPE including an 'howto dnssec' :) ) Perhaps one or more of these will de-mystify the dns-sec issue? :)
-----Original Message----- From: owner-nanog@merit.edu [mailto:owner-nanog@merit.edu] On Behalf Of Dan Mahoney, System Admin Sent: Monday, September 12, 2005 6:15 AM To: nanog@nanog.org Subject: DNSSEC in public
In response to a recent question I saw regarding DNSSEC on RIPE domains, I'd like to ask if there's any sort of draft or standard that anyone knows about for doing DNSSEC in the public, using either a "root" key and/or possibly having master keys pulished in WHOIS?
I see a very experimental thing Verisign is doing for the .net zone, and also for some other opt-in zone, but I'm sure that's highly experimental at this point.
I guess my question is: is there even something up for discussion at this point? I know it's early in the game.
Thanks
Dan
--
"I can feel it, comin' back again...Like a rolling thunder chasin' the wind..."
-Dan Mahoney, JS, JB & SL, May 10th, 1997, Approx 1AM
--------Dan Mahoney-------- Techie, Sysadmin, WebGeek Gushi on efnet/undernet IRC ICQ: 13735144 AIM: LarpGM Site: http://www.gushi.org ---------------------------