There is a <Jitter> for signatures but not for rollovers, no?
--- Begin Message ---
I see that the DURZ servers ([ailm].root-servers.net) are now giving two
ZSKs for the root zone, the one with key id 23763 used for signing and
the new one with key id 55138 being "pre-published". I take it this starts
the 10-day period with actual rollover due on 2010-04-01.
Which reminds me of a question that's been worrying me: if lots of zone
administrators decide to roll their ZSKs every 3 months (say), are they
*all* going to choose to do so on the natural quarter boundaries? Would
it not be a good idea to encourage them to choose a random offset? (It's
the "everyone chooses to run hourly crontabs *on* the hour" effect, writ
large.)
--
Chris Thompson University of Cambridge Computing Service,
Email: [email protected] New Museums Site, Cambridge CB2 3QH,
Phone: +44 1223 334715 United Kingdom.
_______________________________________________
dns-operations mailing list
[email protected]
https://lists.dns-oarc.net/mailman/listinfo/dns-operations
--- End Message ---
_______________________________________________
Opendnssec-user mailing list
[email protected]
https://lists.opendnssec.org/mailman/listinfo/opendnssec-user
