That's why we're working on DNSSEC automation, to let the DNS Operator sign the zone and automate the provisioning of DS record into the registry without registrant or registrar intervention. Multiple methods and approach being work on.
API for DNS Operator: https://tools.ietf.org/html/draft-ietf-regext-dnsoperator-to-rrr-protocol-04 Registry full zone polling: https://en.blog.nic.cz/2017/06/21/lets-make-dns-great-again/ Jacques -----Original Message----- From: NANOG [mailto:[email protected]] On Behalf Of Rubens Kuhl Sent: December 1, 2017 2:36 PM To: Christopher Morrow <[email protected]> Cc: [email protected] Subject: Re: ccTLDs - Become a Registrar http://rick.eng.br/dnssecstat/ is more on topic of we what discussing, although the monitor is interesting too. Rubens On Fri, Dec 1, 2017 at 5:35 PM, Rubens Kuhl <[email protected]> wrote: > > > On Fri, Dec 1, 2017 at 5:20 PM, Christopher Morrow < > [email protected]> wrote: > >> >> >> On Fri, Dec 1, 2017 at 1:45 PM, Rubens Kuhl <[email protected]> wrote: >> >>> >>> .br also has such requirements. OpenSRS reference chart has a good hint >>> of >>> which ccTLDs have such requirements: >>> http://bit.ly/OpenSRS_TLD_Reference_Chart >> >> >> wow, 256 of 539 report "no" for DNSSEC. >> > > For DNSSEC this one is more reliable: > http://rick.eng.br/mon/ > > > Rubens > > >
