ICANN/DNSO
DNSO Mailling lists archives

[ga]


<<< Chronological Index >>>    <<< Thread Index >>>

Re: [ga] Secure DNS



Harald,

On Fri, 15 Sep 2000, Harald Alvestrand wrote:

> Once the technology is ready, ICANN needs to decide on the procedures for 
> generating keys, signing the root zone and so on.
> I *hope* these procedures are relatively uncontroversial; the biggest 
> practical question is probably who shall hold the pieces of the root key, 
> and how it should be secured against compromise and accidental loss.

ICANN, the registries and registrars are going to have to work out how the
protocols (currently only RRP 1.1.0) will be updated to manage the keys,
if they are to be put into the root, the keys will have to be sent to the
registry somehow. The discussions on how to do this have not even begun.

-rick


--
This message was passed to you via the ga@dnso.org list.
Send mail to majordomo@dnso.org to unsubscribe
("unsubscribe ga" in the body of the message).
Archives at http://www.dnso.org/archives.html



<<< Chronological Index >>>    <<< Thread Index >>>