Good morning to all, This is your SSAC liaison speaking. I am requesting your thoughts on what expected impact DNSSEC will have on end users. My goal is to contribute ideas to the the agenda of the DNSSEC sessions at the San Francisco meeting. Currently, with DNSSEC enabled on the DNS resolver you use (typically, the one assigned to you by your ISP), a domain name failing DNSSEC resolution returns a code to your browser saying the domain does not exist. You would get a blank page displayed in your browser saying the domain is unreachable, similar to what you get when you type an invalid domain name in the browser bar. Some suggest that browsers should return a warning instead, similar to the one you get with an invalid SSL certificate. The counter-argument to this is that most users tend to ignore these warnings anyway and just click OK to go ahead. Further, some say that ISP support desks will get lots of calls from customers complaining about "the Internet is not working" if users are annoyed by pop-up messages, for what appears to be legitimate domain names. Obviously, I do not claim that the Internet is just the web. But is is right now the most visible part and the one which requires direct interaction from the user. I am interested in your thoughts about this. Patrick Vande Walle -- Blog: http://patrick.vande-walle.eu Twitter: http://twitter.vande-walle.eu