[ksk-rollover] Concerns about KSK generation software quality.
S Moonesamy
sm+icann at elandsys.com
Fri Feb 23 21:00:03 UTC 2018
Hi Warren,
At 11:59 AM 16-02-2018, Warren Kumari wrote:
>In the "Suggested update" thread, Andres pointed me
[snip]
>While typos in error messages and comments are (clearly) not going to
>cause breakage, it does make me concerned that this code, which
>generates the single most critical DNSSEC keys, has not received
>sufficient careful review. These sorts of obvious typos are not
>themselves a problem, but rather indicative of a larger issue. While
>the obvious retort is "It is publicly posted in GitHub, and we asked
>the community to have a look. Send pull requests!", it appears that
>this hasn't resulted in enough review. I used to program C, but it has
>been long enough that now I'm only qualified to say "Well, that
>doesn't seem right!" - how do we get (more) review from people who are
>better qualified?
I agree that the software could be improved with a code review. As
far as I am aware, nobody else uses that software and that does not
help to get enough review.
Regards,
S. Moonesamy
More information about the ksk-rollover
mailing list