NCSG-DISCUSS Archives

NCSG-Discuss

NCSG-DISCUSS@LISTSERV.SYR.EDU

Options: Use Forum View

Use Monospaced Font
Show Text Part by Default
Show All Mail Headers

Message: [<< First] [< Prev] [Next >] [Last >>]
Topic: [<< First] [< Prev] [Next >] [Last >>]
Author: [<< First] [< Prev] [Next >] [Last >>]

Print Reply
Subject:
From:
James Gannon <[log in to unmask]>
Reply To:
James Gannon <[log in to unmask]>
Date:
Thu, 26 May 2016 09:57:38 +0000
Content-Type:
text/plain
Parts/Attachments:
text/plain (1 lines)
Have you got any specific examples?









On 26/05/2016, 10:50, "NCSG-Discuss on behalf of Niels ten Oever" <[log in to unmask] on behalf of [log in to unmask]> wrote:



>Hi all,

>

>I have been talking to several registrars (especially smaller ones that

>provide a lot of support to NGOs), that do not provide DNSSEC yet as

>part of their service.

>

>The story that I keep on hearing is that even the most experienced

>engineers have issues with understanding the configuration of the KSK

>and Zone signing keys and the key rollover, inconsistencies in

>documentation and therefore lack of adoption, because in case of a

>mistake this might seriously impact the production environment.

>

>I think the adoption of DNSSEC is an issue we should care about because

>it has the potential to radically increase trust in the DNS system.

>

>Is this an issue you all recognize, and do you know how / if ICANN makes

>(or can make) this easier?

>

>Best,

>

>Niels

>

>

>-- 

>Niels ten Oever

>Head of Digital

>

>Article 19

>www.article19.org

>

>PGP fingerprint    8D9F C567 BEE4 A431 56C4

>                   678B 08B5 A0F2 636D 68E9

>


ATOM RSS1 RSS2