North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: wrt joao damas' DLV talk on wednesday

  • From: David W. Hankins
  • Date: Tue Jun 13 17:06:17 2006

On Tue, Jun 13, 2006 at 10:27:49AM -0700, Randy Bush wrote:
> if other non-delegators run dlv services, they will have the same
> issues.


> and if you are a delegator, why play dlv as you can
> directly sign?

I think Paul answered this question (it's because of the way
DNSSEC-bis proves non-existence).

I basically can't answer your other questions.  I don't know the
answers to most of them and don't want to guess at the others.

And as for IANA applicability, I guess I'll have to give up and
defer to you and DRC.  It still sounds wonky to me that you would
operate the root's authentication chain out-of-band like a DLV
registry when in-band seems so much more useful and reliable.

But clearly I don't know enough about the root's (scary) problems.

> when charles mussisi flies
> from kampala to redwood city,

I think our staff in Europe are closer to Kampala than 950 Charter,
and I assume at least one of them would be authorized, and I assume
that there are some events somewhere that both Mr. Mussisi and some
authorized member of our staff are likely to both attend.

But if you would like to imagine for a moment that we actually require
people to meet us in a faraday cage embedded 30 feet under the Arctic
ice in an undisclosed location - just take a metal detector with you
and knock on the ice when you think you've found us - then which of
Paul's list of 5 other options would you prefer?  Or is there a 6th?

How soon can you start?

That's an important open question in this dialogue.

David W. Hankins		"If you don't do it right the first time,
Software Engineer			you'll just have to do it again."
Internet Systems Consortium, Inc.		-- Jack T. Hankins

Attachment: pgp00007.pgp
Description: PGP signature