On Fri, 5 Jan 2018, S Moonesamy wrote:
At 04:19 PM 04-01-2018, Geoff Huston wrote:
Carlos, (I'm asking because you posted a "me too") what is the data set you are using to justify this call to be "over soon"?? It seems to me that in the absence of new data, the only changed factor is your own appetite for risk. Without additional data, your tolerance for risk appears to increase over time (*). But is this altered personal perception of the risk sufficient motivation to proceed? Objectively, if the numbers in September 2017 gave sufficient grounds to pause, and the numbers haven't changed (**) then surely the grounds for pausing the operation as as strong now as they were in September (***).
There is the following in the KSK rollover plan: "The Design Team is unaware of what specific objectives would be achieved by delaying a KSK roll". The plan was put on hold because of the data from September 2017. At the moment it is unknown if/when there will be a KSK roll. Is not doing a KSK roll by 2020 [1] a viable option?
As a Design Team member, let me say that the Design Team no longer really exists, and that we did not call for the delay. At the time, there were no statistics to base and decision on. We have some now from Sep 2017. It would be nice to get more. I understand ICANN was also trying to find out more and hired people to do so. What happened to that effort? Do we have new data? Do we have new sources of bad behaviour (eg software versions, OS versions, other issues?). Have we ruled out any software design/deployment issues? If we are waiting on more data, lets finish with the data. If we are not gathering more data, then there isn't any point in waiting. As for the voices of dnssec critics, most of that is so biased that there isn't much point of considering it. Or as Taylor Swift wisely said, Haters gonna hate hate hate hate. Paul