[Dnssec-deployment] [ENUM-NL] DNSSEC trust-anchor notice for 1.3.e164.arpa.
Marco Davids (SIDN)
marco.davids at sidn.nl
Fri Jan 7 06:23:20 EST 2011
-----BEGIN PGP SIGNED MESSAGE-----
[Apologies for any duplicate mails]
DNSSEC trust-anchor notice for 1.3.e164.arpa.
First and only notice!
To whom it may concern:
ENUM-zone 1.3.e164.arpa is signed with DNSSEC. Since no
trust-anchor has been published in the parent, the trust-anchor of this
zone was available via https://www.enum.nl/downloads/KSK-pub.txt.
This is to inform you that we have scheduled a key change, which will
render the current trust-anchor invalid.
If you have configured the 1.3.e164.arpa trust-anchor in your
validator(s), please remove it NOW or no later than January 11th 23:59 CET.
At the end of next week we will introduce a new key in the
1.3.e164.arpa-zone, which will have it's trust-anchor published in the
parent soon after.
Since we anticipate that only very few people have actually configured
the present trust-anchor (if any), we will *not* perform a full-blown
key roll-over. Instead we will simply remove the old key and introduce a
The new trust-anchor will not be published in an authenticated manner
outside DNS (for example on an SSL-protected web page as before),
because it will have it's DS record in the parent.
Thank you for your understanding.
With kind regards,
On behalf of ENUM NL
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
-----END PGP SIGNATURE-----
More information about the Dnssec-deployment