Re: [DNSOP] draft-ietf-dnsop-dnssec-key-timing
I can't speak for all of .gov, but I think the draft is ready for publication. Once it has an RFC number it will get worked into products and ops manuals. Since a lot of .gov agencies outsource, or use appliances, I wouldn't expect much feedback. :) Scott From: DNSOP dnsop-boun...@ietf.org on behalf of Paul Ebersman list-dn...@dragon.net Sent: Saturday, July 19, 2014 5:21 PM To: dnsop@ietf.org Subject: Re: [DNSOP] draft-ietf-dnsop-dnssec-key-timing ajs giving useful advice, even if not perfect, on this topic will be ajs more helpful than producting perfect advice. [...] ajs Please publish it. +1 Many folks won't implement this until it's an RFC (.gov, etc.) but will and give feedback once it's out. Perfect is the enemy of progress... ___ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop ___ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
Re: [DNSOP] draft-ietf-dnsop-dnssec-key-timing
srose I can't speak for all of .gov, but I think the draft is ready for srose publication. Once it has an RFC number it will get worked into srose products and ops manuals. Since a lot of .gov agencies srose outsource, or use appliances, I wouldn't expect much feedback. :) Having worked recently at one of said vendors, where .gov customers wanted that DNSSEC checkbox thingie but did use various NIST and other standards, it means that this RFC will get into the check list of RFCs vendors need to say yes to in bids, so there will be use of the recommendations. Sadly, you are probably right on feedback from some of the vendors and most .govs... ___ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
Re: [DNSOP] draft-ietf-dnsop-dnssec-key-timing
On Mon, Jul 21, 2014 at 03:10:16PM -0400, Paul Ebersman wrote: Sadly, you are probably right on feedback from some of the vendors and most .govs... Not everyone who consumes our documents (or the results of them) is going to tell us about their experiences. On the other hand, a couple of blog posts that read, Well, I tried to follow RFC but after I read it I was actually more confused than when I started, or, If you read RFC, it says quite clearly that foo, will tell us whether we've a big problem or a little one or no problem at all. Right now, _nobody_ who doesn't already know what a DNSOP is will know about this draft. At least if we publish it, there's some hope people will find it when searching for relevant RFCs. A -- Andrew Sullivan a...@anvilwalrusden.com ___ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
Re: [DNSOP] draft-ietf-dnsop-dnssec-key-timing
Not everyone who consumes our documents (or the results of them) is going to tell us about their experiences. I'm adding DNSSEC to the zones I host, and I've already found it useful. Ship it, please. R's, John ___ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop