[NA-Discuss] Stability, Security, and Resilience of the DNS Review Team

Beau Brendler beaubrendler at earthlink.net
Thu Apr 7 21:29:01 UTC 2011

I support universal DNSSEC.

-----Original Message-----
>From: Evan Leibovitch <evan at telly.org>
>Sent: Apr 7, 2011 4:56 PM
>To: "John R. Levine" <johnl at iecc.com>
>Cc: NARALO Discussion List <na-discuss at atlarge-lists.icann.org>
>Subject: Re: [NA-Discuss] Stability, Security, and Resilience of the DNS Review Team
>On 7 April 2011 16:45, John R. Levine <johnl at iecc.com> wrote:
>> For those community-based TLD proposals from poorer economies -- the ones
>>> for whom the JAS group has been formed to try to lower costs -- the use of
>>> one of the big registry operators is *not* a given, and in these cases the
>>> cost of implementing DNSSEC could be significant.
>> I see your point, but I don't think it's a problem.  If you have a small
>> zone, you can do everything with BIND or NSD or unbound. You need competent
>> staff to manage it, but it's all industry standard free software, most
>> likely the same software you'd be using anyway.  If .MUSEUM can sign and
>> publish, which it does using that freeware, I think it's fair to expect
>> other small TLDs to do the same thing.
>Just to be clear... you're saying the benefits of universal DNSSEC outweigh
>the costs, even for smaller (and less financially capable) TLDs. (And there
>will certainly be costs to implement, even if the software itself is
>This, combined with Eduardo's agreement that DNSSEC should be mandatory
>everywhere, seems to indicate a lack of agreement with an ALAC statement
>that suggests otherwise.
>What do other think? If there is even partial agreement with the stances
>taken by Eduardo and John, I can't really vote in favour of the statement.
>- Evan
>NA-Discuss mailing list
>NA-Discuss at atlarge-lists.icann.org
>Visit the NARALO online at http://www.naralo.org

More information about the NA-Discuss mailing list