[dns-operations] Key management and computer "mere mortals" (was: .Org DNSSEC key management policy feedback)
Andrew Sullivan
ajs at shinkuro.com
Wed Jun 24 12:40:00 UTC 2009
On Tue, Jun 23, 2009 at 07:38:21PM -1000, David Conrad wrote:
> Then, depending on your definition of "manage", I suspect DNSSEC is
> doomed and we should probably just give up and go home now. If your
> model of operation is one in which people are constantly fiddling with
> the validating server configuration and tolerating booboos that cause
> validation to fail for arcane reasons, then you are assuming an
> operational world that I am unfamiliar with.
As anyone can proably infer from my previous remarks, I agree
completely with David on this. If we cannot come up with a model in
which DNSSEC is largely "set and forget" for the vast majority of
installations, then we have no hope of achieving widespread deployment
even at small and medium-sized ISPs, never mind the lofty goal of
pushing validation to the end nodes.
Most system administrators are already stretched too thin anyway.
Asking them to deploy something that provides a mostly-invisible
benefit, that requires constant attention, but that has disastrous,
get-you-fired failure modes is not a request that will be granted.
I cannot believe, however, that a group of people as smart and
knowledgable as those I know to be working on this problem will be
unable to come up with a solution to it. There are, in fact, already
some very fetching proposals available, and I think we can build on
those to make DNSSEC safe for mere mortals. But we first have to
commit to that operational goal.
A
--
Andrew Sullivan
ajs at shinkuro.com
Shinkuro, Inc.
More information about the dns-operations
mailing list