To:
Edward Lewis <lewis@tislabs.com>
Cc:
Miek Gieben <miekg@nlnetlabs.nl>, Scott Rose <scottr@antd.nist.gov>, dnssec@cafax.se, DNSEXT WG Mailing list <namedroppers@ops.ietf.org>
From:
Miek Gieben <miekg@nlnetlabs.nl>
Date:
Wed, 4 Jul 2001 15:10:30 +0200
Content-Disposition:
inline
In-Reply-To:
<v03130303b768c383bb64@[192.94.214.124]>; from lewis@tislabs.com on Wed, Jul 04, 2001 at 09:01:10AM -0400
Sender:
owner-dnssec@cafax.se
User-Agent:
Mutt/1.2.5i
User-Agent:
Mutt/Linux
Subject:
Re: I-D ACTION:draft-ietf-dnsext-dnssec-opt-in-00.txt
[On 04 Jul, 2001, Edward Lewis wrote in " Re: I-D ACTION:draft-ietf-dnsext-dnssec-opt-in-00.txt "] > At 8:06 AM -0400 7/4/01, Miek Gieben wrote: > >which zones are going to use opt-in? .com and .net? Can't we just say > >that we will never do DNSSEC on .com/.net and friends. If you want to > >be secure get your secure domainname under .secure? > > .com not use DNSSEC? Perish the thought! > > I think we can hammer opt-in into the default dnssec mode of operation > (protocol and procedure) so that .com and other big zones are NOT special > cases. That's one step further. I'm not against opt-in, but it would be nice to have just one standard, either opt-in or plain dnssec. grtz Miek