On the current timeline, October 11 ->  January 11 so three months.

Vendors of sealed units who ship equipment from before October 11 with
delivery held up for three months at the docks by a strike, or people
who put the sealed unit into a long-delay orbit to Mars to be turned
on by Matt Damon on arrival have a problem here, if they don't have a
backdoor manual override.

How many vendors do you think are in this space, not shipping a .trx
or other download which installs the new info?

On Wed, Nov 16, 2016 at 6:56 PM, Mikael Abrahamsson <swm...@swm.pp.se> wrote:
> On Wed, 16 Nov 2016, George Michaelson wrote:
>
>> I feel this is a corner case. My experience with 'mom' whitegoods is that
>> they age out much faster than the 10+ year case. Shops do not hold
>> electronic goods for sale that long, if its old but unboxed, you have taken
>> yourself into a dark alley deliberately. If you genuinely were supporting
>> your mum by buying two, and keeping one offline for 10 years you would have
>> done better buying one, and replacing after 5.
>
>
> Ok, so let me ask an operational question:
>
> The way current root zone key rollovers are thought to be used, what's the
> theoretical shortest worst-case shelf life of a device that relies on DNSSEC
> working for itself to work properly?
>
> So if it's manufactured the day before a new key is publically released,
> when is the key material it has built in no longer viable to have successful
> DNSSEC validation?

_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop

Reply via email to