[RSSAC Caucus] Annual RSSAC FAQ Review
Andrew McConachie
andrew.mcconachie at icann.org
Wed Jan 4 11:12:03 UTC 2023
> On 20 Dec 2022, at 16:26, Paul Hoffman <paul.hoffman at icann.org> wrote:
>
>
> On Dec 20, 2022, at 4:21 AM, Andrew McConachie <andrew.mcconachie at icann.org> wrote:
>>
>> Thanks for everyone who joined the productive to review the RSSAC FAQ comments on December 15th.
>>
>> I had an action item to clean up the document and merge the decisions that were made on the call.
>> <https://docs.google.com/document/d/1_OOt0EBmEqkH5fCXWK4ts8946C7qeI6okDXtK0qoLCs/>
>>
>> I’ve done that and there are no outstanding suggestions in the Google doc. If you have any final comments please get them in the Google doc before January 3rd, 2023.
>
> I have made a few small editorial changes. However, I still have a deep concern about question 4.2. If we answer it honestly, it's only going to confuse readers. I propose that we remove it.
>
Dear All,
This is the one outstanding issue remaining with the FAQ. Paul is suggesting deleting question 4.2, but I would like to hear some other opinions from the Caucus before doing so.
Below is the 4.2 question and answer for your review.
> 4.2 Is there any chance of the root zone files getting corrupted by any attack or malware?
>
> RFC 8976 defines a mechanism for ensuring the integrity of a DNS zone file using a ZONEMD record that "provides a cryptographic message digest over DNS zone data at rest”. As noted in a statement published by the root-server operators, RSOs will not enable ZONEMD verification for the first year after the initial publication of ZONEMD records. This is not deployed yet, but there are plans to do so in the future.
>
Thanks,
Andrew
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 2604 bytes
Desc: not available
URL: <https://mm.icann.org/pipermail/rssac-caucus/attachments/20230104/5db18e5b/smime.p7s>
More information about the rssac-caucus
mailing list