I observe that: 1. The current data leads me to understand that fairly few actual users will be affected because their service providers are not properly prepared for the rollover. 2. Even for those users who are affected, the affect will not be to deny them access to the Internet, but, rather, to cause a fallback to insecure DNS. 3. That fallback is, while not ideal, not devastating, and… 4. …the issues will almost certainly be resolved quickly. 5. Delaying the rollover by 3 months, or 6, or 9, is not likely to make a significant difference in preparedness; we’ve been planning this for long enough to lead to the conclusion that anyone unprepared will continue to be unprepared until they are forced to correct that. 6. Doing this first-time KSK rollover is critical to show that we can do it and to gather experience to make it possible to do regular 5-year rollovers as originally planned. 7. Not doing the rollover prevents us from gathering that experience and prevents us from being prepared should a rollover actually be necessary in the future because of a compromised key. I conclude that the risk of not doing the rollover forthwith far exceeds the risk of doing it. I urge ICANN to continue with the plan to roll the root zone KSK on 11 October. -- Barry Leiba (barryleiba@computer.org) http://internetmessagingtechnology.org/