On 5/16/2012 3:33 PM, Joe Abley wrote: > On 2012-05-16, at 02:04, paul vixie wrote: >> now that i've been reminded that the SOA timers are shorter than the >> update frequency and that no NOTIFY is required for up-to-date stealth >> slave service; and now that the root is signed, making it unlikely that >> stealth copies will be amended or that their namespaces will be >> overloaded with other stealth slaves... i agree with drc here. let's >> start encouraging widespread stealth slavery for the root zone. > I'm not convinced that this is a good idea.
i'm not convinced that the goodness of this idea matters. let me go further, i am convinced that the goodness of this idea does not matter. it's happening now; it's attractive in ways that persuasion and education can't change. our choice now is to document in an RFC the best way to do it, or not. note: even then we won't get universal implementation of that best way, but at least if we document it, there's a better chance. > Right now we have a root server system that is measurable, and that is > operated by people who understand the implications of operational choices, > and who are a small enough group that coordination and communication with > other actors in the root zone management is practical. agreed. yay us. > Ad-hoc distribution of root zone operation to an unbounded set of operators > would result in a system that was much more challenging to measure, that was > operated by people whose focus was (properly) elsewhere, and with whom > reliable communication was probably not possible. s/would result/has resulted and will continue to result/ s/was/is/g > I am generally in favour of decentralisation, but in this specific instance I > can't see much benefit to offset the deficiencies. i feel similarly. but none of that matters. let's be realistic not idealistic and see how that goes. paul -- "I suspect I'm not known as a font of optimism." (VJS, 2012) _______________________________________________ dns-operations mailing list [email protected] https://lists.dns-oarc.net/mailman/listinfo/dns-operations dns-jobs mailing list https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
