Subject: | |
From: | |
Reply To: | |
Date: | Thu, 26 May 2016 09:57:38 +0000 |
Content-Type: | text/plain |
Parts/Attachments: |
|
|
Have you got any specific examples?
On 26/05/2016, 10:50, "NCSG-Discuss on behalf of Niels ten Oever" <[log in to unmask] on behalf of [log in to unmask]> wrote:
>Hi all,
>
>I have been talking to several registrars (especially smaller ones that
>provide a lot of support to NGOs), that do not provide DNSSEC yet as
>part of their service.
>
>The story that I keep on hearing is that even the most experienced
>engineers have issues with understanding the configuration of the KSK
>and Zone signing keys and the key rollover, inconsistencies in
>documentation and therefore lack of adoption, because in case of a
>mistake this might seriously impact the production environment.
>
>I think the adoption of DNSSEC is an issue we should care about because
>it has the potential to radically increase trust in the DNS system.
>
>Is this an issue you all recognize, and do you know how / if ICANN makes
>(or can make) this easier?
>
>Best,
>
>Niels
>
>
>--
>Niels ten Oever
>Head of Digital
>
>Article 19
>www.article19.org
>
>PGP fingerprint 8D9F C567 BEE4 A431 56C4
> 678B 08B5 A0F2 636D 68E9
>
|
|
|