IGP Blog :: Post Comment

Get IGP via RSS

Get IGP via Email

Follow IGP on Twitter

Twitter

Recent Comments

Re: Re: The "exceptional" status of IP address governance

Re: Re: Re: Competition policy letters to ICANN part of a US-EC "plot"

Re: Competition policy letters to ICANN part of a US-EC "plot"

Re: The "exceptional" status of IP address governance

Re: Nortel, in bankruptcy, sells IPv4 address block for $7.5 million

Month Archive

November 2007
October 2007
September 2007
August 2007
July 2007

Year Archive

2012
2011
2010
2009
2008
2007
2006
2005

Re: Response to Patrik Faltstrom on DNSSEC implications

by Anonymous

Absolutely nothing stops parties that want to use a different root to do so. Signed or unsigned. If DNSSEC is added to DNS, then of course the other root will also be signed with DNSSEC. We will still get multiple roots, a split DNS, with the only difference that they both are signed. This because the way DNSSEC is deployed today (and there is no change in sight in near future), the verification of the signatures are made in the same full service resolver that is "choosing" what root (zone) to use. This implies if you want to use a different root today, you change the IP address(es) for the root servers. When using DNSSEC you change the IP address(es) and the public key(s) for this other root. So DNSSEC doesn't change this at all.

Help support our work

Make a secure, tax deductible donation online today.

What we're reading

Upcoming Events

View all Events

Who's Reading IGP Blog?

Wowzio

grab this · technology blog