28 Oct
2008
28 Oct
'08
12:40 p.m.
I was sort of assuming the data itself would be transported over an SSL connection, I just want to make sure I am talking to the right server. On 28 Oct 2008, at 15:19, Stephane Bortzmeyer wrote:
On Tue, Oct 28, 2008 at 03:07:30PM +0400, Joao Damas <Joao_Damas@isc.org> wrote a message of 6 lines which said:
Givens the near-future availability of the IANA TAR, where can I get securely obtain the trust anchor for the iana.org zone (or the zone where the TAR will be served from) ?
Do you *need* it? An ITAR signed with PGP with a key signed in key parties at RIPE/OARC/IETF meetings would be sufficient to me. (HTTPS is another solution.)
Because the DNSSEC TA of iana.org will not protect you against a Kapela & Pilosov attack :-)