[dnssec-deployment] DNSSEC in Russia
paul.hoffman at vpnc.org
Thu Apr 2 17:33:33 EDT 2009
At 5:12 PM -0400 4/2/09, Edward Lewis wrote:
>Is anyone on this list willing to say "hey those who can't use RSA, sorry, you can't have a secured DNS on the global public internet. Sorry, we have to fragment the root first for you to get back on-line." That's what I think is the alternative.
That is *an* alternative, one that sounds obviously stupid. Another alternative is "hey those who can't use RSA, sorry, you can have a secured DNS that terminates at the apex of the non-RSA-based hierarchy". This is no different than for any other cryptographic system.
--Paul Hoffman, Director
More information about the Dnssec-deployment