<<<
Chronological Index
>>> <<<
Thread Index
>>>
Re: [ga] Secure DNS
Rick and al.
I suppose that as part of their published plan towards the
"privatization of the Internet" GRS will propose a Verisign
solution testbed soon.
- do you think they could keep that solution optionnal?
- do you think that solution could be made fully transparent to the
DNS operations?
Jefsey
At 16:38 15/09/00, you wrote:
>Harald,
>
>On Fri, 15 Sep 2000, Harald Alvestrand wrote:
>
> > Once the technology is ready, ICANN needs to decide on the procedures for
> > generating keys, signing the root zone and so on.
> > I *hope* these procedures are relatively uncontroversial; the biggest
> > practical question is probably who shall hold the pieces of the root key,
> > and how it should be secured against compromise and accidental loss.
>
>ICANN, the registries and registrars are going to have to work out how the
>protocols (currently only RRP 1.1.0) will be updated to manage the keys,
>if they are to be put into the root, the keys will have to be sent to the
>registry somehow. The discussions on how to do this have not even begun.
>
>-rick
>
>
>--
>This message was passed to you via the ga@dnso.org list.
>Send mail to majordomo@dnso.org to unsubscribe
>("unsubscribe ga" in the body of the message).
>Archives at http://www.dnso.org/archives.html
--
This message was passed to you via the ga-full@dnso.org list.
Send mail to majordomo@dnso.org to unsubscribe
("unsubscribe ga-full" in the body of the message).
Archives at http://www.dnso.org/archives.html
<<<
Chronological Index
>>> <<<
Thread Index
>>>
|