From my observations, the root zone will be signed twice a month by the Zone Signing Key, double the pace of an ordinary fully qualified domain name which is to be signed on a monthly basis. Also, according to ICANN, the Key Signing Key shall be used for 5 years. This introduces only a slight additional burden to include the default secure entry point to a resolver every 5 years.
My wholehearted thanks go to ICANN and all root zone operators for taking major steps to secure the public Internet.
No comments:
Post a Comment