I propose a lightweight DNSSEC. http://www.ietf.org/id/draft-yao-dnsext-msig-00.txt
which may push the dnssec to be deployed easily. :) Jiankang Yao ----- Original Message ----- From: "Stephane Bortzmeyer" <bortzme...@nic.fr> To: <ietf@ietf.org> Sent: Tuesday, August 31, 2010 2:41 PM Subject: DNSSEC is hard to get right >% check-sig iab.org > Name iab.org has an expired signature (20100829223019) > > :-( > _______________________________________________ > Ietf mailing list > Ietf@ietf.org > https://www.ietf.org/mailman/listinfo/ietf _______________________________________________ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf