Does anyone have a decent reference to a document that outlines what operators should be considering WRT DNSSEC (e.g., >512B thing, allowing TCP, EDNS0 considerations, validating recursors deployment, any studies to projections of recursive load hits for RAM, CPU and transactions in various implementations and platforms, other firewall policies, etc..)?
I'm writing something up and wanted to provide a summary, with some nice useful references that are actionable for your average ISP operator. Most of the stuff I've seen that already exists in a form easily consumable by network operators seems heavily root and TLD focused, and I'd like to say "here are some things you need to do to prepare for the root signing, even if you're not signing your own zones)... Thanks in advance! -danny _______________________________________________ DNSOP mailing list [email protected] https://www.ietf.org/mailman/listinfo/dnsop
