On Tue, 30 Jun 2009, Patrik Fältström wrote:
A.3. Have the registry remove DS implicitly if domain is transferred to
registrar that does NOT handle DNSSEC.
My suggestion is that we look carefully on option A.3. This does not imply
any changes to any pieces of the protocol, deployed operation or such. And
Note that if you remove the DS record from the parent, you should then wait
the TTL before allowing the transfer, or else you will still have the domain
go dark for those who validators that have the DS record cached.
Paul
_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop
