[dns-operations] Key management and computer "mere mortals" (was: .Org DNSSEC key management policy feedback)

bert hubert bert.hubert at gmail.com
Wed Jun 24 21:21:55 UTC 2009

On Wed, Jun 24, 2009 at 3:35 PM, Michael
Monnerie<michael.monnerie at is.it-management.at> wrote:

> +1
> Currently DNS requires almost no maintenance, while for DNSSEC you'd
> require tons of test tools who constantly monitor everything, and in
> case of an error you manually need to do things that are not to-be-done
> by the average admin, you'd need a real DNSSEC admin.

You also need a DNSSEC-capable support infrastructure to deal with
questions about 'fuzz' and other 'it almost works' situations.

This is not going to be cheap.


More information about the dns-operations mailing list