@rugk
with US based I wasnt even imlying theát they are directly under the gov, but is is clear that they are HQ’ed in the US and the DNSSec keys are also (btw. only) in the US.
just because the Department of commerce took them away from being a under the government organitation doesnt change the fact that they are in the US. That essentially means that US laws apply, doesnt it?
at least I think so.
@schoen
that’s too bad. would be instresting to allow self-signed certs into CT is the are DANE’d, but wait isnt essentially the ICANN DNSSec root publicly trusted (small jjoke, just had to)
this would allow a lot more safety, because the US isnt the only funny place that may try bad stuff. every ccTLD is in the country it stands for meaning their laws apply and now for the sake of better filtering and whatever their govt takes over the ccTLD’s DNSSec giving them power to more or less do what they want with that depending in their laws.