Root KSK rollin', rollin', rollin'
- To: "comments-root-zone-consultation-08mar13@xxxxxxxxx" <comments-root-zone-consultation-08mar13@xxxxxxxxx>
- Subject: Root KSK rollin', rollin', rollin'
- From: Michael Graff <Michael.Graff@xxxxxxxxxxx>
- Date: Wed, 3 Apr 2013 17:31:34 +0000

This is the next (perhaps final?) phase of DNSSEC in the root. It's important
it be treated with all the importance necessary, but also as the final
experiment. After this, it's all real in a production-quality sense.

I too encourage doing multiple rolls for the first two years. I don't think
Steve's advice of 3 months is enough time, however. Many larger ISPs have a
new-version validation period that exceeds 3 months, so even if a vendor
managed to get new code out the day the roll went bad, we might not see
widespread deployment of new code before the next event. I fear rolling too
often when running installations cannot be upgraded will cause cautious ISPs to
not consider DNSSEC, or worse, disable it, when faced with angry customers and
VPs, and an impending 3 month doomsday-to-their-career window. I do think 6
months is more reasonable, and attainable by all but the very slow to vet new
releases. It reduces the number of "test events" but it also makes each one
potentially much more useful.

In the web development world, there is frequently a multi-phase release
process. Developers and test systems run various system tests, and QA folk do
some of their QA work. The potential release is then pushed out to a staging
system, which mimics as closely as possible the actual, production world. It
uses the same data (as much as practical), the same hardware type, etc. This
is where the real test happens for capacity, and all the other operational
issues dealing with the final deployment. Only after it has cooked enough
there, will it move on to the real world.

Perhaps something like this could be set up for the root, to give one last
chance for developers to ensure their code will pass the smoke test? I know
implementations are vetted against what they think will happen to the root, but
nothing is as accurate as either a published "here is the root on day 1, 31,
61, etc" to test with, or confirmation of code working correctly, as a staging
test with "production semantics."

--Michael