On Jun 24, 2010, at 11:59 AM, George Barwood wrote:
It could also note that validators SHOULD NOT check the RRSIG for a DNSKEY
RRset
where all the keys are validated by DS records.
This document (4641-bis) is supposed to give operational guidance only.
Implementation guidance for
On Jun 16, 2010, at 5:25 PM, John Dickinson wrote:
Hi,
Sorry for the very late reply to this issue.
http://www.nlnetlabs.nl/svn/rfc4641bis/trunk/open-issues/trust_anchor_configuration
Paul asked for proper use of 5011 to be added to 4641bis. I agree, In fact
could we go further and
You probably noticed I swapped in the document and tackling issues one-by-one.
On Mar 20, 2010, at 8:51 PM, Chris Thompson wrote:
On Mar 20 2010, Paul Wouters wrote:
On Sat, 20 Mar 2010, Olaf Kolkman wrote:
- http://www.nlnetlabs.nl/svn/rfc4641bis/trunk/open-issues/NSEC-NSEC3
That
On Mar 24, 2010, at 11:19 PM, Patrik Fältström wrote:
General comment:
The document is not clear enough regarding the roles of the registrant, dns
operator, registrar and registry -- where the dns operator is in the document
implied to be the one that hold the private keys. Further, the
On Thu, Jul 08, 2010 at 11:39:33AM +0200, Olaf Kolkman wrote:
I observe though that 4641 is mainly written from the perspective of a
'zone-owner' and that I am not quite sure where to give specific advice to
administrators of recursive nameservers.
So before text is drafted there is an
Thanks Olaf!
Patrik
On 8 jul 2010, at 15.04, Olaf Kolkman wrote:
On Mar 24, 2010, at 11:19 PM, Patrik Fältström wrote:
General comment:
The document is not clear enough regarding the roles of the registrant, dns
operator, registrar and registry -- where the dns operator is in the
