[governance] Re: Draft Workshop Report -- DNS forum @ Athens

Stephane Bortzmeyer bortzmeyer at internatif.org
Mon Nov 6 15:54:03 EST 2006


On Tue, Nov 07, 2006 at 01:07:12PM -0500,
 Brenden Kuerbis <bkuerbis at twcny.rr.com> wrote 
 a message of 34 lines which said:

> It also my understanding that DLV retains the idea of a single key

Not really: DLV allows you to have several DLV "roots" (for instance,
one for the root and a more specific one for ".org") and they may even
overlap. (But I believe that the BIND implementation only supports
one.)

> However, the DLV solution merely substitutes one "trusted" party
> controlling the private key (i.e., ISC or some other organization)
> for others (i.e., IANA/DoC/ICANN/VeriSign).

Except that you may have several (and not just one) trusted party,
yes, you're right.

> IMO, DLV itself does not solve the governance problem of providing
> transparency and accountability in key operational procedures at the
> DNSSEC "root," wherever it may be.

Sure, DLV allows to bypass ICANN but it does not solve all the
problems. You still need one (or several) trustable authority but it
can be different from the DNS root authority.

____________________________________________________________
You received this message as a subscriber on the list:
     governance at lists.cpsr.org
To be removed from the list, send any message to:
     governance-unsubscribe at lists.cpsr.org

For all list information and functions, see:
     http://lists.cpsr.org/lists/info/governance



More information about the Governance mailing list