- From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
- Date: Thu, 28 Dec 2006 16:05:12 +0000
- To: "Stuart E. Schechter" <ses@ll.mit.edu>
- CC: public-wsc-wg@w3.org
Stuart E. Schechter wrote: >> From: Stephen Farrell <stephen.farrell@cs.tcd.ie> >>> IETF RFC 4398 provide a mechanism with which to use DNSSEC to >>> authenticate a site certificate using DNSSEC. No commercial CA needed. >> DNSSEC would be a great thing to have. Pity we don't. > > Microsoft will be supporting DNSSEC in Vista SP1. > > DHS, NIST, and the Department of Commerce have circulated a plan for > getting the root signed. > > You can check with Phil, but last I checked VeriSign has indicated that > it will start signing .com after NSEC3 (with opt-in) is ready and it > undergoes a testing period. From my understanding NSEC3 standardization is > wrapping up. I'll be delighted when we have DNSSEC deployed. I'm not willing to bet the house on it happening just yet though. >> that's worth pursuing, but just not here (since that'd be a new >> protocol). > > How are you defining new here? I'm not. (Not being the new protocol police:-) But the charter seems clear enough on this to me. S.
Received on Thursday, 28 December 2006 16:04:29 UTC