Stuart E. Schechter wrote: >> From: Stephen Farrell <stephen.farrell@cs.tcd.ie> >>> IETF RFC 4398 provide a mechanism with which to use DNSSEC to >>> authenticate a site certificate using DNSSEC. No commercial CA needed. >> DNSSEC would be a great thing to have. Pity we don't. > > Microsoft will be supporting DNSSEC in Vista SP1. > > DHS, NIST, and the Department of Commerce have circulated a plan for > getting the root signed. > > You can check with Phil, but last I checked VeriSign has indicated that > it will start signing .com after NSEC3 (with opt-in) is ready and it > undergoes a testing period. From my understanding NSEC3 standardization is > wrapping up. I'll be delighted when we have DNSSEC deployed. I'm not willing to bet the house on it happening just yet though. >> that's worth pursuing, but just not here (since that'd be a new >> protocol). > > How are you defining new here? I'm not. (Not being the new protocol police:-) But the charter seems clear enough on this to me. S.Received on Thursday, 28 December 2006 16:04:09 GMT
This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 5 February 2008 03:52:44 GMT