On Tue, Jun 30, 2009 at 10:33:15AM -0400, Paul Wouters wrote:
> On Tue, 30 Jun 2009, Patrik Fdltstrvm wrote:
>
> >A.3. Have the registry remove DS implicitly if domain is transferred to
> >registrar that does NOT handle DNSSEC.
> >
> >My suggestion is that we look carefully on option A.3. This does not imply
> >any changes to any pieces of the protocol, deployed operation or such. And
>
> Note that if you remove the DS record from the parent, you should then wait
> the TTL before allowing the transfer, or else you will still have the domain
> go dark for those who validators that have the DS record cached.
>
> Paul
>
Troll...
just a status check here... the TTL of the RRset or the TTL imbedded
in the DS record? or ... the TTL of the DNSKEY RR?
--bill
_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop
