[ksk-rollover] Future rollover planning opportunities

Fred Baker fred at isc.org
Wed Feb 20 00:42:02 UTC 2019 

ISC put about ten hours into the recent rollover - validating and testing, etc. To our way to thinking, the roll-over was far more of an event for the resolvers than it was for us. That probably says something about the frequency of roll-over events - if they were happening daily or weekly and we were putting ten hours into each event, we would begin to be concerned, but if they happened quarterly or annually we don't think we would be bothered - and might even think it was a good idea.

The key consideration is that key rollovers are a "usual" event, and as such the key(s) should be something learned from the root and the root servers, not something configured or compiled into the resolver software.

> On Feb 19, 2019, at 3:22 PM, Kim Davies <kim.davies at iana.org> wrote:
> 
> Colleagues,
>  
> We are continuing to implement the final phases of the KSK-2017 rollover for the DNS Root Zone.
>  
> While there are no plans to immediately schedule any subsequent planned rollover, we recognize this is a good opportunity to gather feedback while everyone’s experience with this rollover is still fresh in mind. Feedback from the community will inform our future strategy.
>  
> We welcome feedback, particularly to this list, on what should be considered in designing the process for performing future rollovers. We are also planning to hold a number of outreach efforts in the coming months to capture further input. These sessions are being led by the ICANN’s Office of the Chief Technology Officer (OCTO) in coordination with IANA staff. These sessions will be at:
>  
> 	• ICANN 64 in Kobe, as part of the DNSSEC workshop;
> 	• IETF 104 in Prague, as a proposed BOF; and
> 	• The 3rd ICANN DNS Symposium in Bangkok
>  
> The feedback we receive will be used by the IANA team to develop a draft plan later in the year that we intend to share for public review.
>  
> Thanks in advance.
>  
> kim
> _______________________________________________
> ksk-rollover mailing list
> ksk-rollover at icann.org
> https://mm.icann.org/mailman/listinfo/ksk-rollover

More information about the ksk-rollover mailing list