[arin-ppml] ARIN discontinuing DNSSEC capability to legacy holders
paul at arin.net
Thu Oct 4 14:28:23 EDT 2018
I am personally fully committed to universal DNSSEC, and I believe that this practice deleteriously affects all ARIN members, not just legacy ones. I hope that discussion on this list will indicate a clear community consensus, so that the board can ensure that staff act upon that input.
> On Oct 4, 2018, at 2:00 PM, Bill Woodcock <woody at pch.net> wrote:
>> On Oct 4, 2018, at 9:29 AM, Michael Sinatra <michael+ppml at burnttofu.net> wrote:
>> I have received word of an apparent change in ARIN operational policy...
>> ...no longer accepting DNSSEC DS records for reverse DNS for those resources that are not covered by RSA or LRSA. This is a change from current operational practice, and it effectively disables the *community's* ability to validate reverse DNS for these holders.
> This is an unconscionable roll-back of a critical security feature of the Internet. This cannot be allowed to move forward.
> You are receiving this message because you are subscribed to
> the ARIN Public Policy Mailing List (ARIN-PPML at arin.net).
> Unsubscribe or manage your mailing list subscription at:
> Please contact info at arin.net if you experience any issues.
More information about the ARIN-PPML