[ksk-rollover] [Ext] Re: Starting discussion on acceptable criteria for proceeding with the root KSK roll
David Conrad
david.conrad at icann.org
Sun Jan 7 17:53:57 UTC 2018
Stephane,
On January 6, 2018 at 12:28:31 PM, Stephane Bortzmeyer (bortzmeyer at nic.fr<mailto:bortzmeyer at nic.fr>) wrote:
> Just to level set and argue the extreme, if we had data that
> suggested that 100% of validating resolvers would fail, would you
> personally pull the trigger that causes the KSK rollover?
If there were this data, no, because it would mean there is a general
problem, may be a broken protocol that the IETF would need to fix. But
we are not at 100 %, we now that key rollover can work, just not for
everyone.
Right. What if that number was 75%? Or 50%? The data we have says that the part of everyone for which the roll isn’t going to work is the number of users sitting behind around 8% of 8145-reporting resolvers. Is that low enough? Is it even a useful measure?
100 % failure is an easy case to handle: it means there is clearly a
problem, and which does not reside in the ordinary sysadmin. But we
are not in the easy case.
Yes. Which is why we’re looking for input on how to move forward.
Regards,
-drc
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/ksk-rollover/attachments/20180107/c45d6262/attachment.html>
More information about the ksk-rollover
mailing list