Implementation work done on DNSSEC trust anchor key rollover solution
Thierry Moreau <thierry.moreau@connotech.com> Fri, 03 February 2006 14:50 UTC
From: Thierry Moreau <thierry.moreau@connotech.com>
Subject: Implementation work done on DNSSEC trust anchor key rollover solution
Date: Fri, 03 Feb 2006 09:50:28 -0500
Lines: 47
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format="flowed"
Content-Transfer-Encoding: 7bit
X-From: owner-namedroppers@ops.ietf.org Fri Feb 03 15:26:46 2006
Return-path: <owner-namedroppers@ops.ietf.org>
X-Spam-Checker-Version: SpamAssassin 3.1.0 (2005-09-13) on psg.com
X-Spam-Level:
X-Spam-Status: No, score=-0.0 required=5.0 tests=AWL,BAYES_00,RCVD_IN_SBL, UNPARSEABLE_RELAY autolearn=no version=3.1.0
User-Agent: Mozilla/5.0 (Windows; U; WinNT4.0; en-US; rv:1.4) Gecko/20030624 Netscape/7.1 (ax)
X-Accept-Language: en-us, en
To: namedroppers@ops.ietf.org
Sender: owner-namedroppers@ops.ietf.org
Precedence: bulk
X-Message-ID:
Message-ID: <20140418072128.2560.86292.ARCHIVE@ietfa.amsl.com>
In the solution space for trust anchor key rollover, there are two individual Internet drafts: http://www.ietf.org/internet-drafts/draft-moreau-dnsext-sdda-rr-01.txt http://www.ietf.org/internet-drafts/draft-moreau-dnsext-takrem-dns-01.txt Implementation work has been done, so that updated software tools are now available (GPL'ed free software). See http://www.connotech.com/takrem_tools/trust-anchor-foundry_02.tar.gz This update includes a complete solution for DNS zone management procedures (i.e. trust anchor key management and DNS authoritative nameserver operations), and an API for TAKREM support in DNSSEC-aware resolver software. The software development planning aspects are covered in two documents, respectively for the server side at http://www.connotech.com/trustanchfoundry_09.pdf and the client side at http://www.connotech.com/takrollover_06.pdf. If the DNSSEC security services are important enough to deserve good trust anchor key procedures, here they are. Enjoy! -- - Thierry Moreau CONNOTECH Experts-conseils inc. 9130 Place de Montgolfier Montreal, Qc Canada H2M 2A1 Tel.: (514)385-5691 Fax: (514)385-5900 web site: http://www.connotech.com e-mail: thierry.moreau@connotech.com -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: <http://ops.ietf.org/lists/namedroppers/>
- Implementation work done on DNSSEC trust anchor k… Thierry Moreau
- Re: Implementation work done on DNSSEC trust anch… Paul Vixie