On Fri, Nov 2, 2018 at 1:38 PM Dan York <[email protected]> wrote: > During the time leading up to the Root KSK Rollover on October 11, I had > multiple people from outside of DNS circles asking me why DNS was so hard > to upgrade. Basically - why was this Root KSK Rollover such a big concern? > > I recalled the draft a few of us wrote a bit ago with observations on the > challenges of deploying DNSSEC cryptographic algorithms: > > > https://tools.ietf.org/html/draft-york-dnsop-deploying-dnssec-crypto-algs-06 > > While we originally wrote that draft to feed into some of the KSK rollover > design discussions that were happening, it occurred to me that it might be > useful to have out there and available in some public form for people to be > able to find and refer to. > > Is there interest from this group in moving this draft forward? And if > so, do people have comments on what is in the draft? > > Thanks, > Dan > > P.S. There are certainly other places this kind of document could be > published. For instance, I could turn that into a short paper we publish on > the Internet Society's website in the Deploy360 section. But there is also > a logical value to including it along with the other DNSSEC documents in > the RFCs. > > -- > Dan York > Director, Content & Web Strategy, Internet Society > [email protected] +1-802-735-1624 > Jabber: [email protected] Skype: danyork http://twitter.com/danyork > > http://www.internetsociety.org/ > > Looks good to me. I have no strong opinion on where it should be published. If published somewhere other than as an RFC, you might add some current statistics on old versions of software in use and how many things never get updates to illustrate how bad the problem is.
-- Bob Harold
_______________________________________________ DNSOP mailing list [email protected] https://www.ietf.org/mailman/listinfo/dnsop
