[dnssec-deployment] A gazillion new TLDs
Scott Rose
scottr at nist.gov
Fri Jun 27 08:13:33 EDT 2008
Right off the top of my head-
Assuming there are a lot of new TLD's added and most/all of the new
TLD's deploy DNSSEC there will be two noticable impacts:
1. Caches will grow even larger (if resolvers query for names in these
new TLDs)
2. Until the root is signed, there will be more TLD keys that have to
be managed as a trust anchor in validators.
All of this is really just a question of scale for the most part.
Scott
George M Jones wrote:
> Any thoughts on the implications of many more TLDs on DNSSEC deployment ?
>
> http://tech.slashdot.org/article.pl?sid=08/06/26/1814205
>
> Clearly no new technical issues, but increased complexity/scale (never a
> friend of security).
>
> Thoughts ?
>
> ---George Jones
>
--
----------------------------------------
Scott Rose Computer Scientist
NIST
ph: +1 301-975-8439
scott.rose at nist.gov
http://www-x.antd.nist.gov/dnssec
http://www.dnsops.gov/
-----------------------------------------
More information about the Dnssec-deployment
mailing list