> I'm on the verge of putting together a Bar BoF call on the IETF list.
> There have been two work items I wanted to cover - EPPbis and the
> issue of provisioning DS records.
re: registries not at the IETF... if there is some general idea
for collecting registry requirement
To avoid further confusion on who said ...
...
The last message was from Jaap Akkerhuis, who said:
>
> Oops, apparently Alfred said so. But who sais what is irrelevat on the
> discussion. The oint I was making is that there should not be a fixed
> aministrative model.
>
> jaap
However, I di
In message ,
"Stephan Lagerholm" writes:
>
> > From: Jay Daley [mailto:j...@nzrs.net.nz]
> > Sent: Wednesday, March 03, 2010 1:54 PM
> > To: Stephan Lagerholm
> > Cc: Alex Bligh; Jaap Akkerhuis; matth...@nlnetlabs.nl;
> > bmann...@vacation.karoshi.com; Edward Lewis; Wolfgang Nagele;
> > dnsop@ie
On Wed, Mar 03, 2010 at 11:28:36AM +0100, Jaap Akkerhuis wrote:
>
> Antoin says:
> So there's one more logical entity involved; most likely this way:
>
> jaap
> ___
did i miss something? Anto
On Mar 3, 2010, at 7:50 PM, Stephan Lagerholm wrote:
From: Jay Daley [mailto:j...@nzrs.net.nz]
Sent: Wednesday, March 03, 2010 1:54 PM
To: Stephan Lagerholm
Cc: Alex Bligh; Jaap Akkerhuis; matth...@nlnetlabs.nl;
bmann...@vacation.karoshi.com; Edward Lewis; Wolfgang Nagele;
dnsop@ietf.org
Subj
On 4/03/2010, at 8:50 AM, Stephan Lagerholm wrote:
> Correct, but I have a hard time seeing that the loosing registrar would
> be that helpful. It is more realistic to think that they could provide
> access to the private key for their hosted customer. And in that case
> the key can not be shared
> From: Jay Daley [mailto:j...@nzrs.net.nz]
> Sent: Wednesday, March 03, 2010 1:54 PM
> To: Stephan Lagerholm
> Cc: Alex Bligh; Jaap Akkerhuis; matth...@nlnetlabs.nl;
> bmann...@vacation.karoshi.com; Edward Lewis; Wolfgang Nagele;
> dnsop@ietf.org
> Subject: Re: [DNSOP] automatic update of DS reco
> On Wed, Mar 03, 2010 at 11:28:36AM +0100, Jaap Akkerhuis wrote:
>>
>> Antoin says:
>> So there's one more logical entity involved; most likely this way:
>>
>> jaap
>> ___
>
> did i miss something? Antoin sez that where?
That's bee
On 4/03/2010, at 8:27 AM, Stephan Lagerholm wrote:
> Bad idea, what happens when one customer would like to move his domain
> from your name server to another name server. Do you give him your
> mega-key or do you tell him to break his chain of trust during the move?
If those were the only two ch
> In your example above I personally would only use one set of keys for
all
> those domains, it would make my life so much easier. I suspect some
DNS
> providers will similarly share keys across their customers (or per
server)
> if they know they can control generation of RRs.
Bad idea, what happ
Hi Alex
On 3/03/2010, at 8:46 PM, Alex Bligh wrote:
>> I'm sure we could and an automated update of DS records is a good idea.
>> But my point is that in the absence of a similar automated mechanism for
>> NS records we use cut and paste and it works fine and there is nothing
>> about DS records
On Wed, Mar 03, 2010 at 11:28:36AM +0100, Jaap Akkerhuis wrote:
>
> Antoin says:
> So there's one more logical entity involved; most likely this way:
>
> jaap
> ___
did i miss something? Antoin sez that where?
--bill
__
On Mar 3, 2010, at 2:24 PM, Tony Finch wrote:
On Wed, 3 Mar 2010, Jay Daley wrote:
But my point is that in the absence of a similar automated
mechanism for
NS records we use cut and paste and it works fine
No it doesn't. Delegations are frequently partially broken. It would
be
a waste
On Tue, 2 Mar 2010, Doug Barton wrote:
>
> Throwing in some more bullet points:
> 1. There MUST be an OOB (where the B is DNS) channel for initial zone
> configuration, contact info changes, etc.
> 2. This channel already exists for Registrant/Admin/Billing/Technical
> contact info, name servers, e
On Tue, 2 Mar 2010, Edward Lewis wrote:
>
> If you want to just get the DS from the child's servers to the parent's
> machines, we already have queries/responses and can secure that with TSIG or
> SIG(0). What is there to solve?
What are the traps and pitfalls? What are the timing requirements?
On Wed, 3 Mar 2010, Jay Daley wrote:
>
> But my point is that in the absence of a similar automated mechanism for
> NS records we use cut and paste and it works fine
No it doesn't. Delegations are frequently partially broken. It would be
a wasted opportunity to automate DS maintenance without auto
Antoin says:
So there's one more logical entity involved; most likely this way:
vvv v
dns_op(parent)-registry-registrar-reseller-registrant-dns_op(child)
The dns_op(child) might alternatively have a direc
17 matches
Mail list logo
