Re: Proposed DNSSEC Plenary Experiment for IETF 74
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Proposed DNSSEC Plenary Experiment for IETF 74

On 28/11/08 09:44, Stephane Bortzmeyer wrote:

On Thu, Nov 27, 2008 at 07:49:13PM +0000,
Matthew Ford <ford at isoc.org> wrote a message of 13 lines which said: 


After all the years of FUD surrounding DNSSEC deployment, I feel
quite strongly that having the IETF do as you suggested and then be
able to point to 'no discernible impact' on the network would be a
significant milestone.


That would prove nothing: failures will DNSSEC do not happen every
day. Signatures expire, people stop signing without telling the parent
zone, keys rolls over, but it may not happen during these few days.

You see the actual problems with DNSSEC (which are *not* FUD) when you
run it every day, for several months. 

I said it would be a milestone. I didn't say it was the end of the road.

Mat

_______________________________________________
Ietf mailing list
Ietf at ietf.org
https://www.ietf.org/mailman/listinfo/ietf

Note Well: Messages sent to this mailing list are the opinions of the senders and do not imply endorsement by the IETF.

Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.