Implementation work done on DNSSEC trust anchor key rollover solution
Thierry Moreau <thierry.moreau@connotech.com> Fri, 03 February 2006 14:22 UTC
Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1F51pF-0003GC-ND for dnsext-archive@megatron.ietf.org; Fri, 03 Feb 2006 09:22:14 -0500
Received: from psg.com (mailnull@psg.com [147.28.0.62]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id JAA02079 for <dnsext-archive@lists.ietf.org>; Fri, 3 Feb 2006 09:20:27 -0500 (EST)
Received: from majordom by psg.com with local (Exim 4.60 (FreeBSD)) (envelope-from <owner-namedroppers@ops.ietf.org>) id 1F51hd-000Pz6-00 for namedroppers-data@psg.com; Fri, 03 Feb 2006 14:14:21 +0000
X-Spam-Checker-Version: SpamAssassin 3.1.0 (2005-09-13) on psg.com
X-Spam-Status: No, score=-0.0 required=5.0 tests=AWL,BAYES_00,RCVD_IN_SBL, UNPARSEABLE_RELAY autolearn=no version=3.1.0
Received: from [66.163.8.251] (helo=SMTP.Lamicro.com) by psg.com with esmtp (Exim 4.60 (FreeBSD)) (envelope-from <thierry.moreau@connotech.com>) id 1F51hc-000Pyn-42 for namedroppers@ops.ietf.org; Fri, 03 Feb 2006 14:14:20 +0000
Received: from Spooler by SMTP.Lamicro.com (Mercury/32 v4.01b) ID MO000A84; 3 Feb 2006 09:15:16 -0500
Received: from spooler by Lamicro.com (Mercury/32 v4.01b); 3 Feb 2006 09:15:08 -0500
Received: from connotech.com (209.71.204.111) by SMTP.Lamicro.com (Mercury/32 v4.01b) with ESMTP ID MG000A83; 3 Feb 2006 09:15:06 -0500
Message-ID: <43E36DB4.6060906@connotech.com>
Date: Fri, 03 Feb 2006 09:50:28 -0500
From: Thierry Moreau <thierry.moreau@connotech.com>
User-Agent: Mozilla/5.0 (Windows; U; WinNT4.0; en-US; rv:1.4) Gecko/20030624 Netscape/7.1 (ax)
X-Accept-Language: en-us, en
MIME-Version: 1.0
To: namedroppers@ops.ietf.org
Subject: Implementation work done on DNSSEC trust anchor key rollover solution
Content-Type: text/plain; charset="us-ascii"; format="flowed"
Content-Transfer-Encoding: 7bit
Sender: owner-namedroppers@ops.ietf.org
Precedence: bulk
Content-Transfer-Encoding: 7bit
In the solution space for trust anchor key rollover, there are two individual Internet drafts: http://www.ietf.org/internet-drafts/draft-moreau-dnsext-sdda-rr-01.txt http://www.ietf.org/internet-drafts/draft-moreau-dnsext-takrem-dns-01.txt Implementation work has been done, so that updated software tools are now available (GPL'ed free software). See http://www.connotech.com/takrem_tools/trust-anchor-foundry_02.tar.gz This update includes a complete solution for DNS zone management procedures (i.e. trust anchor key management and DNS authoritative nameserver operations), and an API for TAKREM support in DNSSEC-aware resolver software. The software development planning aspects are covered in two documents, respectively for the server side at http://www.connotech.com/trustanchfoundry_09.pdf and the client side at http://www.connotech.com/takrollover_06.pdf. If the DNSSEC security services are important enough to deserve good trust anchor key procedures, here they are. Enjoy! -- - Thierry Moreau CONNOTECH Experts-conseils inc. 9130 Place de Montgolfier Montreal, Qc Canada H2M 2A1 Tel.: (514)385-5691 Fax: (514)385-5900 web site: http://www.connotech.com e-mail: thierry.moreau@connotech.com -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: <http://ops.ietf.org/lists/namedroppers/>
- Implementation work done on DNSSEC trust anchor k… Thierry Moreau
- Re: Implementation work done on DNSSEC trust anch… Paul Vixie