Verifying the root trust anchor

Written by Roland van Rijswijk in category: General

Before you start using the root trust anchor, it is very important to verify it. ICANN has specified several methods for doing this. We relied on the PGP signature made by one of the trusted community representatives, Olaf Kolkman of NLnet Labs.

Again, please make sure that you validate the trust anchor before you start using it; it has no value whatsoever if this important step is not taken.

For those who have my (Roland van Rijswijk) PGP key, you can find a signed statement that I have validated and trust Olaf’s signature on the root trust anchor here.

UPDATE: Jakob Schlyter and Fredrik Ljunggren of Kirei (one of the organisations that has contributed to the root zone DNSSEC design team) have also published a signed statement on their website.

1 Comment to “Verifying the root trust anchor”

  1. Jakob Schlyter says:

    We’ve published a similar attestation at http://www.kirei.se/en/2010/06/20/root-ksk/.

Respond

*