[Dnssec-deployment] Domain registrars with easy DNSSEC interface?
paul.hoffman at vpnc.org
Tue Jan 17 17:40:59 EST 2012
On Jan 17, 2012, at 1:21 PM, Joe Abley wrote:
> On 2012-01-17, at 16:14, Paul Hoffman wrote:
>> On Jan 17, 2012, at 5:55 AM, Bill Owens wrote:
>>> I think you're overloading the term 'registrar' in this case - the registrar function is to handle the registration of the domain name, and that's it.
>> I think you are underloading the term 'registrar' with that definition. For over a decade, in many TLDs, "registrar" means an agency that moves information from a registrant to a registry. In many TLDs, the registry is legally prohibited from dealing directly with the registrants except in extreme circumstances. Specifying that a particular DS record is associated with a particular domain is on the same level as specifying that a particular NS record is associated with a particular domain.
> I don't understand what you're trying to say.
> Just because organisations who are registrars also sometimes provide DNS hosting services (and attendant key management, zone signing, etc) does not mean those hosting services are a component of what it means to be a registrar.
Nor did I say that. I was talking about getting DS records to the TLD, not where the additional records live.
> Using the word "registrar" to refer to those hosting services as well as its normal meaning (that of interacting with a domain registry based on instructions accepted from a registrant) is the source of much ongoing confusion.
Fully agree. That's why I didn't mention "hosting" at all.
More information about the Dnssec-deployment