To:
mansaxel@sunet.se (Måns Nilsson)
Cc:
dnsop@cafax.se
From:
Bill Manning <bmanning@ISI.EDU>
Date:
Thu, 10 Oct 2002 09:46:49 -0700 (PDT)
In-Reply-To:
<283120000.1034255463@localhost> from Måns Nilsson at "Oct 10, 2 03:11:03 pm"
Sender:
owner-dnsop@cafax.se
Subject:
Re: Interim signing of the root zone.
% This is an excellent argument for DNSSEC, in my eyes at least. Yup. One of the best. % Seems there is a to-do list forming here. % * Get more eyeballs on the BIND 9<some version> failure scenarios with % signed root. Can those who reported these speak up? sure. -caching failures with -0722 master and 9.2.1 cache. only the NXT/SIG records are cached. -apparent inability for 922rc1 slaves of -0722 masters from responding w/ SIG/KEY/NXT RRs from a signed zone. (+trace indicates the DNSSEC rrs are available from -another authoritative server- but dig does not show this w/o the trace flag envolked. sam had some other information on resolver behaviour. % * Fix those issues and get a stable 9.3 out. I'd be happy with another public snapshot. --bill #---------------------------------------------------------------------- # To unsubscripbe, send a message to <dnsop-request@cafax.se>.