[Dnssec-deployment] DNSSEC (partial) deployment in .CL
Eric Osterweil
eoster at cs.ucla.edu
Fri May 21 11:54:46 EDT 2010
Very nice work! :)
Eric
On May 21, 2010, at 8:50 AM, Hugo Salgado Hernandez wrote:
> Hi everyone.
>
> Seeing spiders and people with an eye on the tlds zones,
> we want to inform to the group that .CL is "partially" signed
> from a couple of weeks ago. Our approach is similar to the root:
> we're deploying the signed zone to each instance of the .CL
> nameservers one by one, and we've obscured our keys. As far
> as today we have the signed zone in half of the anycast nodes
> of 1 NS... but it seems that one of those instances is reachable
> from Europe, and it was catched by secspider, too.
>
> If you want to check it, "miraflores.nic.cl" is the "unicast name"
> of one of the nodes of the anycast name "a.nic.cl".
>
> And we hope to finish the deployment in all of the instances by
> end of June.
>
> Regards,
>
> Hugo Salgado
> NIC Chile - .CL
-------------- next part --------------
A non-text attachment was scrubbed...
Name: PGP.sig
Type: application/pgp-signature
Size: 195 bytes
Desc: This is a digitally signed message part
Url : http://dnssec-deployment.org/pipermail/dnssec-deployment/attachments/20100521/f7b62dc0/attachment.bin
More information about the Dnssec-deployment
mailing list