On Tue, Jun 05, 2007 at 10:28:23AM +0200, Ralf Weber wrote: > Moin! > > As pointed out several times throughout the draft DNSSEC deployment > would make reverse mappings more reliable. So wouldn't it be a good > idea to put a paragraph in the draft to encourage LIRs and providers > to sign there reverse zones? Key management for reverse zone probably > isn't as political as for the root zone, and AFAIK RIPE already does > this.
Would adding a note in the Security Considerations section to the following effect address this issue for you: To the extent that the DNS Security Extensions make DNS results more reliable, deployment of the DNS Security Extensions in the reverse tree will also make the reverse mappings more reliable ? A -- Andrew Sullivan 204-4141 Yonge Street Afilias Canada Toronto, Ontario Canada <[EMAIL PROTECTED]> M2P 2A8 jabber: [EMAIL PROTECTED] +1 416 646 3304 x4110 _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www1.ietf.org/mailman/listinfo/dnsop