In message <a06240802c6d0c8835...@[192.168.1.102]>, Edward Lewis writes:
> Ok, I've about had it with the tone of this thread.
> 
> At 12:17 +1000 9/12/09, Mark Andrews wrote:
> 
> >Actually there is blame all round.
> 
> I think this is uncalled for and is detrimental to the list.

Did all the other users of ITAR successfully follow this key rollover?
Did all the other users of ITAR fail to follow this key rollover?
Would they admit it if they did?

I know I took several days to update my trusted-key clause for PR
in my named.conf's.  They are all updated manually.  If I wasn't
asking PR directly, by doing DNSKEY queries, but instead used ITAR's
collection, I would not have followed the key rollover.

PR should have updated ITAR immediately.  They didn't.  PR should
have taken their delay into account before removing the old key.
They didn't.  2 days was not reasonable when every other key rollover
took ~1 month.

ITAR should be providing guidance on how often to poll.  They didn't.
No TAR can be reliable without this guidance because nobody can
know what to expect.

PR rolled keys faster than any other TLD has ever rolled keys in
the past once they went operational (GOV rolled sub 24 while testing).
PR rolled keys much faster than the recommended timings in RFC 5011.
Weekly polling was quite reasonable based on RFC 5011 and historic
TLD key rollover periods.

Mark

> -- 
> -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
> Edward Lewis
> NeuStar                    You can leave a voice message at +1-571-434-5468
> 
> As with IPv6, the problem with the deployment of frictionless surfaces is
> that they're not getting traction.
-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: ma...@isc.org
_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop
