It would appear from what Alexander analysed is the "non-functionality" aspect, and prior art on other aspects. See: "What Verisign actually proposes is essentially the same process described in the IETF draft, but with one step omitted. The problem with Verisign "invention" is that after we change the NS records (step S1060) and some resolver have an old RRSIG in it's cache and the DNSKEY is already expired from the cache, what will happen is that the recursive resolver will query the new authoritative servers for the DNSKEY records and will get the new DNSKEY RRset without the old ZSK (that is the invention). What we end up with is an RRSIG signed with the old DNSKEY, and the new DNSKEY RRset (which have no old DNSKEY - that is the invention). *Recursive resolver will not be able to validate the RSSIG, and DNSSEC * *validation will fail. *The domain will not validate and therefore it will not be accessible. The same story repeats itself for a case where only the DNS hosting provider is switched (and not the registrar) - paragraphs [0070]..[0075], adding another mistake at [0075] c. - Verisign suggests to change the nameservers and then immediately "Remove losing hosting provider DS record".* But what if * *some recursive resolver have RRSIG and DNSKEY in it's cache, while the DS record is already expired ? - The resolver will receive the new DS only and the * *domain will fail to validate again."* * * On Wed, Oct 10, 2012 at 9:49 AM, Dr Eberhard W Lisse <el@lisse.na> wrote:
So, one should not object to it on the ground of "prior art" but "non functionality"?
el
On 2012-10-09 23:29 , Salanieta T. Tamanikaiwaimaro wrote:
Dear All,
There is a comparison between the existing Internet Draft on Domain Name Transfers and Verisign's Patent Applications which people can access via http://ubuntuone.com/4Bz1BqOsGMkTUQgViEL0rz
Kind Regards, Sala
-- Salanieta Tamanikaiwaimaro aka Sala P.O. Box 17862 Suva Fiji Twitter: @SalanietaT Skype:Salanieta.Tamanikaiwaimaro Fiji Cell: +679 998 2851