[dns-operations] No public calendar for the root signing deployment

bert hubert bert.hubert at netherlabs.nl
Mon Dec 14 04:43:16 UTC 2009


On Mon, Dec 14, 2009 at 12:25:49AM +0100, Peter Koch wrote:
> my point is that the "melody" of the message is very important. Nothing in
> this very good article really rings an alarm bell or "warns" people.
> It is "just" good technical information.  The hard part is to tailor
> the message towards the intended or even anticipated target audiences.
> I'm all for openness and advance announcements, but some of the postings
> in this thread could be read to suggest we're going to face a big experiment
> with zillions of innocent victims being cut off the net.

This is in fact what one root operator says, so it goes way beyond
'suggesting'.

As bmanning said:

	from my limited scope testing (from one root) there are
	double-digit percentage of priming queries that will get
	hit with this problem... I think parts of the internet
	will go dark. 

https://lists.dns-oarc.net/pipermail/dns-operations/2009-December/004760.html

So it is't the actual tone of the message that is worrying, it is also the
music itself.

Or is bill wrong? Because a root-priming query with EDNS enabled has been
returning >512 answers for a long time now. Or perhaps BIND doesn't do that?

	Bert



More information about the dns-operations mailing list