To:
Mark.Andrews@isc.org, namedroppers@ops.ietf.org, dnsop@cafax.se, dnssec@cafax.se
From:
Brad Knowles <brad.knowles@skynet.be>
Date:
Tue, 16 Jul 2002 17:10:56 +0200
In-Reply-To:
<200207160550.g6G5o8Je073774@drugs.dv.isc.org>
Sender:
owner-dnsop@cafax.se
Subject:
Re: dnssec discussion today at noon
At 3:50 PM +1000 2002/07/16, Mark.Andrews@isc.org wrote: > Getting DNSSEC working > only requires that the operators of the root servers, down > to the zone servers do the right thing. Which is hard enough. Witness all the incredibly screwed up TLD servers. Witness the differences in the modes of operations of the root nameservers themselves -- do you block all zone transfers or not? If we want DNSSEC to be taken seriously, then we have to work to get all the root & TLD servers fixed and operating properly, and have proper punitive measures that we can take if they aren't. Otherwise, we don't have a snowball's chance. -- Brad Knowles, <brad.knowles@skynet.be> "They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety." -Benjamin Franklin, Historical Review of Pennsylvania.