Hi all, The last discussion of signing ROOT-SERVERS.NET involved the arguments that there's no real value in signing the zone and that there is a non-zero cost to doing so.
I agree with both of those arguments, but I wonder whether it might not be a better sales job if we just accepted it maybe ought to be signed anyway. I'm aware that it runs against the grain to do something purely for theatrical reasons, but sometimes people like a good show. Every time this topic comes up (especially outside IETF circles, where one can perhaps be expected to understand the detailed arguments), a number of people argue that it's really necessary to sign the zone, or that having an exception for this sets some kind of precedent, or something. I think these discussions waste a lot of time, and so as a purely tactical measure it strikes me that we could shut down that line of argument by just signing the data. Thoughts? A -- Andrew Sullivan a...@shinkuro.com Shinkuro, Inc. _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
