Ólafur Guðmundsson via ksk-rollover <ksk-rollover@icann.org> wrote:
I think there will always be breakage, in the old pre-RFC5011 and KSK design discussions there was one case identified as non-solvable --- old OS/Box comes alive i.e. I think we now have a second class of failures that was not "anticipated" -- non-persistence i.e. resolver can not store state in a way that will be used if resolver is restarted. -- operators hard code keys i.e. disable RFC5011 (trusted-keys vs managed-keys)
I have a suggestion that could fix the first two, and also fix the secure time bootstrap problem - https://tools.ietf.org/html/draft-fanf-dnsop-trust-anchor-witnesses I should maybe do a simplified revision, but I'm not sure there's enough interest to make it worth the effort. Tony. -- f.anthony.n.finch <dot@dotat.at> http://dotat.at/ - I xn--zr8h punycode Shannon, Rockall: South 7 to severe gale 9, occasionally storm 10 at first in Rockall, becoming cyclonic 6 to gale 8. Very rough or high, occasionally very high at first in Rockall. Rain or showers. Good, occasionally poor.