[dnssec-deployment] [regarding crypto issues on DNSSEC]
Dmitry Burkov
dburk at burkov.aha.ru
Sat Apr 4 02:01:48 EDT 2009
Lutz Donnerhacke wrote:
> * bmanning at vacation.karoshi.com wrote:
>
>> Michael (and others) - thisis a snippet from a thread on this topic I
>> am having w/ some Russian folks.
>>
>
> Thank you.
>
>
>>>> 3. In Russia if Internet Provider will host DNSSEC server he has to
>>>> apply for service and technical support license from FSB to work with
>>>> crypto (Government decree 957 from 2007 year). In practice FSB will
>>>> not give service license for any service based on non-Russian crypto.
>>>>
>>>> IT MEANS - IN PRACTICE USING RSA BASED DNSSEC IMPLEMENTATION IN
>>>> RUSSIA CAN BE IMPOSSIBLE
>>>>
>
> OTOH the TLD ru has the second high penetration with DNSSEC among the TLDs.
> Only se has more signed domains.
>
???
I slightly surprised you conclusion:
see
http://secspider.cs.ucla.edu/ru--zone.html
Of course, there are a few tests in Russia - as one of registrators -
r1.ru - as we need info technical and performance issues- but that's all.
Dima
> #############################################################
> This message is sent to you because you are subscribed to
> the mailing list <dnssec-deployment at shinkuro.com>.
> To unsubscribe, E-mail to: <dnssec-deployment-off at shinkuro.com>
> A public archive is available here: <http://mail.shinkuro.com:8100/Lists/dnssec-deployment/>
> and older material is at
> <http://mail.shinkuro.com:8100/Lists/dnssec-deployment-archive/>
>
More information about the Dnssec-deployment
mailing list