[dns-operations] Statement: Issues using BIND 9.4 & 9.5 with DLV and certain DNSSEC-signed zones
Michael Graff
michael_graff at isc.org
Wed Apr 22 08:10:14 UTC 2009
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Florian Weimer wrote:
> * Keith Mitchell:
>
>> In order to give BIND DLV users time to upgrade their resolvers to these
>> fixed versions, ISC is suspending addition of the .gov DNSSEC trust
>> anchor in DLV until 1st May 2009.
>
> Would it be possible to push back that date a bit? Are there any
> signed subzones of .GOV which would suffer from this?
How many more weeks do you think we should delay re-adding .gov to
dlv.isc.org? And what, specifically, do you suggest be the all-clear
trigger?
I'm not saying we will, but I'm open to the idea. I do not want to add
it only to remove it again because we are still breaking people.
However, I am worried that, to some extent, not breaking people causes
people to not upgrade, too.
- --Michael
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.8 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iEYEARECAAYFAknu0OYACgkQLdqv0r6eD6bkigCeOTJYJLEXpuMhISWCapV/5Hnr
uUoAoIQfhqd//xlLFDzz24sRaSB0OhEZ
=CHot
-----END PGP SIGNATURE-----
More information about the dns-operations
mailing list