I think that this may interest some folks on this list. -- Brett Carr RIPE Network Coordination Centre Manager -- DNS Services Group Singel 258 Amsterdam NL GPG Key fingerprint = F20D B2A7 C91D E370 44CF F244 B6A1 EF48 E743 F7D8 ---------- Forwarded message ---------- Date: Thu, 4 Jan 2007 12:26:25 +0100 From: "[iso-8859-1] Anne-Marie Eklund-Löwinder" <Anne-Marie.Eklund-Lowinder@iis.se> To: DNSSEC deployment <dnssec-deployment@shinkuro.com> Subject: [dnssec-deployment] New KSK for .SE -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 New key signing key (KSK) for .SE As from today, 2007-01-04 .SE publish and take into use a new KSK for signing the .SE zone file. The old key will be valid until 2008-01-01. If you have configured the old key (Key id = 17686) into your resolver we strongly recommend you to replace it with the new key (Key id = 6166) no later than 2007-12-31. Following public keys are valid for .SE: se. IN DNSKEY 257 3 5 ( AwEAAaxPMcR2x0HbQV4WeZB6oEDX+r0QM65KbhTjrW1Z aARmPhEZZe3Y9ifgEuq7vZ/zGZUdEGNWy+JZzus0lUpt wgjGwhUS1558Hb4JKUbbOTcM8pwXlj0EiX3oDFVmjHO4 44gLkBOUKUf/mC7HvfwYH/Be22GnClrinKJp1Og4ywzO 9WglMk7jbfW33gUKvirTHr25GL7STQUzBb5Usxt8lgny TUHs1t3JwCY5hKZ6CqFxmAVZP20igTixin/1LcrgX/KM EGd/buvF4qJCyduieHukuY3H4XMAcR+xia2nIUPvm/oy WR8BW/hWdzOvnSCThlHf3xiYleDbt/o1OTQ09A0= ) ; key id = 17686 se. IN DNSKEY 257 3 5 ( AwEAAb6xRZHEf+PyF5dxEvz0BHEHbziu6iZaiNW/yjSa ZcmrmZiRMF8FPppD+XuKSau0rgu4eBwYdpkEoMVR4FhI 8frkuPHIue2LP1ETo+2hCrdr60K1538yLvzbOhMxXt6k njPN+OlalMmCknadaofKga5FLKOPQs2C3nw6AH4WUNGr chmDMVBwRwfZdQXYZTXesqULmGMK7mwjQGOxerRDQWrF v8NhNnVV31PihaYBdQ1TJjvfGS/FYZJwv/BddiELiLeU nNWu3AOsRAshgOcDBOAPUvKJNEq6RHELFmvXOOe2d8H2 yzv02EMQik6GwUm16DrSdmX+SWfelQs+9ELFN6k= ) ; key id = 6166 The keys are also available at http://dnssec.iis.se/key.html DNS users that haven't earlier but are going to configure their DNS to ask for DNSSEC answers should only use the new key. DNS users that haven't explicitly configured their DNS to ask for DNSSEC answers this will not involve any changes at all. We do also advice you to subscribe to the dnssec-announce@lists.nic.se mailing list to get notified about key rollovers and any other important changes Questions may be addressed to dnssec-info@iis.se Anne-Marie Eklund Löwinder Quality & Security Manager .SE (The Internet Infrastructure Foundation) P O Box 7399 103 91 Stockholm Sweden Tel: +46 8 452 35 00, direct: +46 8 452 35 17, mobile: +46 734 315 310 E-mail: anne-marie.eklund-lowinder@iis.se Web: www.iis.se -----BEGIN PGP SIGNATURE----- Version: PGP 8.1 iQA/AwUBRZzkYaXc8AFCsc+UEQLWwwCaAibkesPscNtzsjeWWLmrFKLcaa8AoJli +i6VDyKfg8wqbW9lkCwynJY5 =YaRn -----END PGP SIGNATURE----- ############################################################# This message is sent to you because you are subscribed to the mailing list <dnssec-deployment@shinkuro.com>. To unsubscribe, E-mail to: <dnssec-deployment-off@shinkuro.com> A public archive is available here: <http://mail.shinkuro.com:8100/Lists/dnssec-deployment/> and older material is at <http://mail.shinkuro.com:8100/Lists/dnssec-deployment-archive/>