On Mar 4, 2010, at 6:52 PM, Alex Bligh wrote: > > > --On 4 March 2010 15:42:40 -0800 Doug Barton <do...@dougbarton.us> wrote: > >>>> The losing registrar is either going to be helpful, or unhelpful. Given >>>> that adding ANY kind of mechanism to enable secure transition of the >>>> domain is extra work without any direct benefit, the answer is >>>> overwhelmingly likely to be "unhelpful." At least in the case of the >>>> gTLD registrars this is an area where ICANN intervention is likely to be >>>> required, and may actually be beneficial. >>> >>> Partly depends on thick vs. thin registry model though. >> >> Sorry for being dense, but I don't see how. > > In a thick registry model, it would be possible for the registrant > to specify a DS key that the registry (rather than registrar) would > store, just like NS records are specified. So if the registrar changes, > there is no registrar involvement re DS keys unless they are deliberately > obnoxious.
Any registry has to store the DS record, since they have to publish it in the DNS. I don't really see how this is different in thick vs. thin registries. -- David Blacka <dav...@verisign.com> Sr. Engineer VeriSign Platform Product Development
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
