[dns-operations] Key management and computer "mere mortals" (was: .Org DNSSEC key management policy feedback)
bert hubert
bert.hubert at gmail.com
Wed Jun 24 21:21:55 UTC 2009
On Wed, Jun 24, 2009 at 3:35 PM, Michael
Monnerie<michael.monnerie at is.it-management.at> wrote:
> +1
>
> Currently DNS requires almost no maintenance, while for DNSSEC you'd
> require tons of test tools who constantly monitor everything, and in
> case of an error you manually need to do things that are not to-be-done
> by the average admin, you'd need a real DNSSEC admin.
You also need a DNSSEC-capable support infrastructure to deal with
questions about 'fuzz' and other 'it almost works' situations.
This is not going to be cheap.
Bert
More information about the dns-operations
mailing list