> On Mar 11, 2015, at 16:18, Rob Foehl <r...@loonybin.net> wrote:
> What about the case of bad data in the parent, regardless of where it lands > on the malice / stupidity scale? Loud warnings to this effect at zone > (re)load time would be one thing, but refusing to load the zone entirely > would mean the broken DS isn't the only operational problem... > > -Rob In this case it isn't that the operating state is broken, it is that the next state is. So failing the operation is a good thing. I'm not talking about hypothetical failure modes but modes that have been observed in TLDs and below. To be fine grained, this is a mater for key management and not zone management. Our problem arose in part because we used a tool that combined key management and zone serving. It did its job, we didn't do ours. Wished the automated system would have saved us. _______________________________________________ dns-operations mailing list dns-operations@lists.dns-oarc.net https://lists.dns-oarc.net/mailman/listinfo/dns-operations dns-jobs mailing list https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
