hat tip to .gov hostmasters

[frnkblk at iname.com (Frank Bulk)]

Pretty soon we'll have a blacklist of DNS servers that don't support DNSSEC
for .gov. =)

Frank

-----Original Message-----
From: Chris Owen [mailto:owenc at hubris.net] 
Sent: Monday, September 22, 2008 10:02 AM
To: NANOG list
Subject: Re: hat tip to .gov hostmasters

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Sep 22, 2008, at 9:59 AM, Simon Vallet wrote:

> On Mon, 22 Sep 2008 10:52:42 -0400
> "Jason Frisvold" <xenophage0 at gmail.com> wrote:
>
>> I'm not much up on DNSSEC, but don't you need to be using a resolver
>> that recognizes DNSSEC in order for this to be useful?
>
> You do -- and last time I checked few native resolvers actually did :
> glibc doesn't, and I'd be surprised if the Windows resolver does

Chicken, meet egg.

I think the point of the original post is that one end or the other
has to start things.  At least we have one US zone doing something on
the server end of things.

Chris

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Chris Owen         ~ Garden City (620) 275-1900 ~  Lottery (noun):
President          ~ Wichita     (316) 858-3000 ~    A stupidity tax
Hubris Communications Inc      www.hubris.net
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (Darwin)
Comment: Public Key: http://home.hubris.net/owenc/pgpkey.txt
Comment: Public Key ID: 0xB513D9DD

iEYEARECAAYFAkjXs30ACgkQElUlCLUT2d0SfwCbB8FQ4izN061GoQQMl3fkq+NT
ga0AoJnwGG8PfBs5PaziRB6m0NQBuZwc
=68dm
-----END PGP SIGNATURE-----