Shane Kerr <sh...@time-travellers.org> wrote: > > Generally we leave the details of exactly how stuff works up to the RIPE NCC, > and I think that makes sense for any request about RFC 7344 support.
That makes things easier for me :-) > My own thinking is that we can request update & deletion support immediately, > since those are clearly specified, but that we need to think a bit about what > recommendations we can make for bootstrapping adding DS records, if we want > that at all (I think we do, but reasonable people may disagree). I would be happy with just RFC 7344 updates and RFC 8078 deletion, but I agree RFC 8078 bootstrapping should be a goal. The implementations at CZ.NIC and SWITCH have full RFC 7344 and RFC 8078 support. https://www.nic.ch/export/shared/.content/files/SWITCH_CDS_Manual_en.pdf https://ripe75.ripe.net/presentations/123-CDNSKEY-FRED-KNOT-RIPE75.pdf The timings are different, though: SWITCH requires consistent results for 3 days in all cases; for bootstrapping they also require consistent results over TCP from all nameservers. CZ.NIC does updates as soon as a daily scan finds CDS/CDNSKEY recrods requesting a change; bootstrapping requires 7 days of consistent results over TCP from all nameservers. (I think I prefer the CZ.NIC timings.) The usual RIPE database change notification emails should occur for CDS changes - cf. the CZ.NIC notifications. Tony. -- f.anthony.n.finch <d...@dotat.at> http://dotat.at/ Fisher: Variable 3 or 4, becoming southeast 4 or 5 later. Slight. Fair. Good.
