To:
Eduardo Duarte <eduardo.duarte@fccn.pt>
Cc:
ietf-provreg@cafax.se, "'WG-DNS'" <wg-dns@fccn.pt>
From:
Edward Lewis <Ed.Lewis@neustar.biz>
Date:
Tue, 26 Jan 2010 13:56:12 -0500
In-Reply-To:
<4B5DB135.9010801@fccn.pt>
Sender:
owner-ietf-provreg@cafax.se
Subject:
Re: [ietf-provreg] Revision of 4310
At 14:56 +0000 1/25/10, Eduardo Duarte wrote: >On our implementation of DNSSEC a domain can have multiple DS keys >associated were some are active and other are in an inactive state. I am not sure what active/inactive means. Does an inactive DS record appear in the parent zone? In my view - active/inactive could mean 1) published/not-published in the parent zone 2) tthe corresponding DNSKEY is published/not-published in the child zone 3) that the DNSKEY set in the child zone is signed/not-signed by the corresponding private key. -- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Edward Lewis NeuStar You can leave a voice message at +1-571-434-5468 As with IPv6, the problem with the deployment of frictionless surfaces is that they're not getting traction. -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- List run by majordomo software. For (Un-)subscription and similar details send "help" to ietf-provreg-request@cafax.se