[83726] in cryptography@c2.net mail archive
Re: DNSSEC to be strangled at birth.
daemon@ATHENA.MIT.EDU (Florian Weimer)
Thu Apr 5 19:16:35 2007
From: Florian Weimer <fw@deneb.enyo.de>
To: pgut001@cs.auckland.ac.nz (Peter Gutmann)
Cc: cryptography@metzdowd.com, dave.korn@artimi.com
Date: Thu, 05 Apr 2007 22:56:06 +0200
In-Reply-To: <E1HZT4O-0001hE-00@medusa01.cs.auckland.ac.nz> (Peter Gutmann's
message of "Fri, 06 Apr 2007 02:36:12 +1200")
* Peter Gutmann:
> "Dave Korn" <dave.korn@artimi.com> writes:
>
>>Surely if this goes ahead, it will mean that DNSSEC is doomed to widespread
>>non-acceptance.
>
> I realise this is a bit of a cheap shot, but:
>
> How will this be any different from the current situation?
You can see that the keys change and draw your conclusions. Right
now, you need to watch the actual data, which is a bit unwieldy (2.5%
daily change rate for .COM/.NET and things like that).
By the way, who else has expressed willingness to hold the key, under
reasonable conditions? Would it be preferable if some
non-governmental organization held the keys, after receiving an
indemnification guarantee from Congress?
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
