I support universal DNSSEC. -----Original Message-----
From: Evan Leibovitch <evan@telly.org> Sent: Apr 7, 2011 4:56 PM To: "John R. Levine" <johnl@iecc.com> Cc: NARALO Discussion List <na-discuss@atlarge-lists.icann.org> Subject: Re: [NA-Discuss] Stability, Security, and Resilience of the DNS Review Team
On 7 April 2011 16:45, John R. Levine <johnl@iecc.com> wrote:
For those community-based TLD proposals from poorer economies -- the ones
for whom the JAS group has been formed to try to lower costs -- the use of one of the big registry operators is *not* a given, and in these cases the cost of implementing DNSSEC could be significant.
I see your point, but I don't think it's a problem. If you have a small zone, you can do everything with BIND or NSD or unbound. You need competent staff to manage it, but it's all industry standard free software, most likely the same software you'd be using anyway. If .MUSEUM can sign and publish, which it does using that freeware, I think it's fair to expect other small TLDs to do the same thing.
Just to be clear... you're saying the benefits of universal DNSSEC outweigh the costs, even for smaller (and less financially capable) TLDs. (And there will certainly be costs to implement, even if the software itself is free...)
This, combined with Eduardo's agreement that DNSSEC should be mandatory everywhere, seems to indicate a lack of agreement with an ALAC statement that suggests otherwise.
What do other think? If there is even partial agreement with the stances taken by Eduardo and John, I can't really vote in favour of the statement.
- Evan ------ NA-Discuss mailing list NA-Discuss@atlarge-lists.icann.org https://atlarge-lists.icann.org/mailman/listinfo/na-discuss
Visit the NARALO online at http://www.naralo.org ------