7 Jul
2005
7 Jul
'05
11:59 a.m.
On Wed, 6 Jul 2005 05:17:28 -1000 Randy Bush <randy@psg.com> wrote:
In the absence of a signed parent domain the trusted-keys will be made available through a secured web page. The keys will only be made available after we start signing the zone in production.
Also see the last part of: http://www.ripe.net/rs/reverse/dnssec/key-maintenance-procedure.html
sigh. and the rirs can not get together and do a ksk system for in-addr.arpa?
Randy, Positive experiences gained during the rollout by the RIPE NCC will no-doubt be of influence on the timeframe on which we'll see DNSSEC deployed on the in-addr.arpa domain. --Olaf (quickly turning into a politician :-) )