On 2009-10-28, at 12:06, João Damas wrote:
On 28 Oct 2009, at 12:14, Joe Abley wrote:This is very much an aside, but I continue to be mildly alarmed by the conflation of "registrar" with "zone manager" in this kind of discussion.depends were the key-related info resides, and even on who holds the key.
My point is that the key isn't part of the registry data,
Although providing the DNS service is indeed not the same as being a registrar, I find it likely that the registrar, which currently keeps the list of NS, if any, will also keep the key-related info (e.g. DS to be sent to the parent).
the trust anchor to the registrant's zone is public information, is held at the registry, and doesn't need to change during a domain transfer, and
It is also possible there might be a third party dealing with the DNSSEC info, though it is hard to imagine how to fit that new entity into the customer-registrar-registry trio.
although single organisations frequently perform multiple roles, the zone manager role already exists and is already independent of the registrant-registrar-registry roles.
Joe