[dnssec-deployment] NSEC3 progress
Ben Laurie
ben at algroup.co.uk
Mon May 30 10:10:31 EDT 2005
Olaf M. Kolkman wrote:
> On Wed, 25 May 2005 10:54:46 -0700
> Allison Mankin <mankin at psg.com> wrote:
>
>
>>Hi, Olaf,
>>
>>
>>>and organise a workshop to understand possible issues. In the past
>>>those workshops have shown to be more than worthwhile in getting good
>>>specs. Question: anybody doing an implementation, server/client side?
>>
>>>As far as I understand the "epsilon" work seems to be heading to non-
>>>deployment. I have not heard of anybody seriously planning on its
>>>deployment.
>>
>>It surely is hard to deploy what's not implemented :) So I guess
>>you are also saying you have not heard of any implementation?
>
>
> I have made a "proof of concept" in perl. But that implementation is
> really not more than a crude hack and would not scale to any serious
> production. Registries seriously considering deployment should write
> their own code and I am not sure of any of that work has been done.
I have a BIND implementation of NSEC2. Since we mostly know what NSEC3
looks like, I can upgrade that implementation, which I will be doing in
the near future.
Cheers,
Ben.
More information about the Dnssec-deployment
mailing list