wrt joao damas' DLV talk on wednesday

Joe Abley jabley at ca.afilias.info
Tue Jun 13 17:52:04 UTC 2006 


On 13-Jun-2006, at 13:27, Randy Bush wrote:

> the isc web page now says
>
>     Before it is accepted into the dlv.isc.org zone, ISC will
>     perform checks to ensure the keys are being used in the
>     requested zone, that the persons making the request are who
>     they claim to be and that they are authorised by the domain
>     holder to request the inclusion of the keys in the zone.
>
>     This check will require an in-person meeting with authorised
>     ISC staff to verify documentation.
>
> so, there will be strange travel costs incurred, but we have no
> idea what actual checks will be done.  when charles mussisi flies
> from kampala to redwood city, will he be expected to have brougt
> the zone key with him on cdrom or something, and you'll check his
> passport against the iana cctld registry and then accept the key?

I don't profess to speak for ISC here, but it may be worth noting  
that ISC staff continue to spend a lot of time travelling to operator  
meetings, workshops, root server installations and RIR and ICANN  
meetings. Outreach and community participation is one of the core  
things that ISC does.

It's not unreasonable to think that for a lot of zone operators  
(ccTLD or otherwise), the mountain will eventually come to Mohammed,  
and travel by the zone operator won't be necessary.

In the case of Uganda, by way of example, I've met Charles in person  
several times, and I'm sure we will do so again. I remain on ISC's  
books as an unpaid volunteer. If I can help Charles and ISC on some  
mutually-agreeable project I would of course be happy to.

The social tendrils of ISC run longer and deeper than many people  
realise. Perhaps this is one of the things that makes ISC a good  
organisation to anchor projects like DLV.

> and, when the iana redelates the UG zone, how will you know this
> and stop handing out a bogus key?

I can't answer that question. My expertise in this area is less about  
the crypto, and more about the beer :-)


Joe

More information about the NANOG mailing list