Petr Špaček <[email protected]> writes: > Are we designing generic protocol, or a workaround based on existing > state of things? I'm not aware of a fundamental reason why root cannot > be resigned incrementally.
Right now I think that would require a request through ICANN's Root Zone Evolution Review Committee (RZERC) group to consider changing how signing might happen within the root zone maintainer. Could it be requested and done? probably. I'll leave it to others decide whether or not we (the IETF) should ask for that by the ICANN/IANA/RZM trio. It's a secondary concern, IMHO, to these documents. Though obviously related, I personally consider the suggestion that resolver implement LocalRoot features to be independent from whether or not the root zone should be signed in a way that supports better IXFR support (which will also come with a lot of other issues related to signature lengths, etc). -- Wes Hardaker Google _______________________________________________ DNSOP mailing list -- [email protected] To unsubscribe send an email to [email protected]
