[Dnssec-deployment] Domain registrars with easy DNSSEC interface?

[Paul Hoffman]

On Jan 17, 2012, at 1:21 PM, Joe Abley wrote:

> 
> On 2012-01-17, at 16:14, Paul Hoffman wrote:
> 
>> On Jan 17, 2012, at 5:55 AM, Bill Owens wrote:
>> 
>>> I think you're overloading the term 'registrar' in this case - the registrar function is to handle the registration of the domain name, and that's it.
>> 
>> I think you are underloading the term 'registrar' with that definition. For over a decade, in many TLDs, "registrar" means an agency that moves information from a registrant to a registry. In many TLDs, the registry is legally prohibited from dealing directly with the registrants except in extreme circumstances. Specifying that a particular DS record is associated with a particular domain is on the same level as specifying that a particular NS record is associated with a particular domain.
> 
> I don't understand what you're trying to say.

Correct. :-)

> Just because organisations who are registrars also sometimes provide DNS hosting services (and attendant key management, zone signing, etc) does not mean those hosting services are a component of what it means to be a registrar.

Nor did I say that. I was talking about getting DS records to the TLD, not where the additional records live.

> Using the word "registrar" to refer to those hosting services as well as its normal meaning (that of interacting with a domain registry based on instructions accepted from a registrant) is the source of much ongoing confusion.

Fully agree. That's why I didn't mention "hosting" at all.

--Paul Hoffman