During the time leading up to the Root KSK Rollover on October 11, I had multiple people from outside of DNS circles asking me why DNS was so hard to upgrade. Basically - why was this Root KSK Rollover such a big concern?
I recalled the draft a few of us wrote a bit ago with observations on the challenges of deploying DNSSEC cryptographic algorithms: https://tools.ietf.org/html/draft-york-dnsop-deploying-dnssec-crypto-algs-06 While we originally wrote that draft to feed into some of the KSK rollover design discussions that were happening, it occurred to me that it might be useful to have out there and available in some public form for people to be able to find and refer to. Is there interest from this group in moving this draft forward? And if so, do people have comments on what is in the draft? Thanks, Dan P.S. There are certainly other places this kind of document could be published. For instance, I could turn that into a short paper we publish on the Internet Society's website in the Deploy360 section. But there is also a logical value to including it along with the other DNSSEC documents in the RFCs. -- Dan York Director, Content & Web Strategy, Internet Society [email protected] +1-802-735-1624 Jabber: [email protected] Skype: danyork http://twitter.com/danyork http://www.internetsociety.org/
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ DNSOP mailing list [email protected] https://www.ietf.org/mailman/listinfo/dnsop
