This looks very much like the draft that Olaf, Johan, and I wrote at the same 
time MSJ was proposing what we have now.
You might want to talk to either Olaf or Johan for more details. And yes,
this will fail if any of the loopback drafts are deployed.


manning
bmann...@karoshi.com
PO Box 12317
Marina del Rey, CA 90295
310.322.8102



On 29June2015Monday, at 14:59, Ralf Weber <d...@fl1ger.de> wrote:

> Moin!
> 
> On 29 Jun 2015, at 22:48, Warren Kumari wrote:
>> I've written a draft that proposes a different way of performing root
>> key rollover that exposes who all has which key - this allows one to
>> know that 99.8% of resolvers have the new key, who has the old one,
>> and who will break.
>> It does this by encoding the current set of TAs that the resolver has
>> into a query, and using that to fetch the new keys. By watching
>> queries at the root one can see the population of people with each TA,
>> and watch that change over time. This was written for root key roll,
>> but is applicable to any TA in the tree.
> So while this might work with future root key rollovers, I think it's too late
> for this one, as it requires all software (root servers and validating 
> resolvers) to be updated, and one concern that we have with the root key 
> rollover is old software.
> 
> On another note, how does that interact with the root loopback draft, where 
> the resolver doesn't ask the root at all, but the local copy of the root zone?
> 
> So long
> -Ralf
> 
> _______________________________________________
> DNSOP mailing list
> DNSOP@ietf.org
> https://www.ietf.org/mailman/listinfo/dnsop
