North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: hat tip to .gov hostmasters
* Jason Frisvold: > On Mon, Sep 22, 2008 at 10:34 AM, Scott Francis <[email protected]> wrote: >> nice to see a wholesale DNSSEC rollout underway (I must confess to being a >> little surprised at the source, too!). Granted, it's a much more manageable >> problem set than, say, .com - but if one US-controlled TLD can do it, hope >> is buoyed for a .com rollout sooner rather than later (although probably not >> much sooner :)). > > I'm not much up on DNSSEC, but don't you need to be using a resolver > that recognizes DNSSEC in order for this to be useful? Correct, you need a validating, security-aware stub resolver, or the ISP needs to validate the records for you. -- Florian Weimer <[email protected]> BFK edv-consulting GmbH http://www.bfk.de/ Kriegsstraße 100 tel: +49-721-96201-1 D-76133 Karlsruhe fax: +49-721-96201-99
|