The other half are not usable with DNSSEC because there is no way for
me to install the DS -- I'm running the DNS for domains other people
have registered at other registrars, so those registrars won't talk to
me.
...and the people you talk with have not added you as a tech contact?
It doesn't matter -- I don't have the password to log into their registrar
account.
But the registrars issue I, speaking as a registrar, will not be sorted out
before registries _also_ start to move to a harmonized management of DNSSEC.
Registrars make for example in Sweden about $1/domain name while the registry
charge $10/domain.
This isn't just an issue for registrants and registrars; it's a problem
wherever the operator of one zone delegates a subzone to someone else with
whom they don't have a side channel to exchange the signing key.
Regards,
John Levine, [email protected], Taughannock Networks, Trumansburg NY
Please consider the environment before reading this e-mail.
_______________________________________________
dane mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dane
