On Oct 21, 2013, at 4:39 PM, Phil Regnauld <regna...@nsrc.org> wrote:
> Michele Neylon - Blacknight (michele) writes: >> >>> Yes, I've noticed that Google is still not signing. Maybe the >>> continuing hijackings of their ccTLD domains will move them. >> >> I suspect they're more interested in getting "registry lock" in place rather >> than DNSSEC. > > That'd be assuming most registries have the concept of lock, which is > far from being the case. Some do, some don't… In some cases the "registry lock" is actually just a comment in a zone file, saying something along the lines of: ; -------- WARNING --------- ; Don't change this! ; Call Warren at +1-xxx-xxx-xxxx before making any changes. ; -------- WARNING ------- In a number of cases registries don't "officially" support locks, but have been willing to do something unusual for a beer / friend. > >> Most of the attacks against Google have involved changing the name servers >> completely .. > > Through social engineering and sometimes through directed attacks, yes. Sadly yes. W > > Cheers, > Phil > _______________________________________________ > dns-operations mailing list > dns-operations@lists.dns-oarc.net > https://lists.dns-oarc.net/mailman/listinfo/dns-operations > dns-jobs mailing list > https://lists.dns-oarc.net/mailman/listinfo/dns-jobs > ------- Tsort's Constant: 1.67563, or precisely 1,237.98712567 times the difference between the distance to the sun and the weight of a small orange. -- Terry Pratchett, "The Light Fantastic" (slightly modified) _______________________________________________ dns-operations mailing list dns-operations@lists.dns-oarc.net https://lists.dns-oarc.net/mailman/listinfo/dns-operations dns-jobs mailing list https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
