[ksk-rollover] new ksk and DNS software vendors
Tony Finch
dot at dotat.at
Thu Mar 28 16:16:11 UTC 2019
manu tman <chantr4 at gmail.com> wrote:
>
> During the BoF session this morning, it was asked how long it would take
> vendors to incorporate the new KSK in their software.
> The few that spoke said it was a relatively short time.
I think this will depend a lot on whether the patch is distributed as a
routine change or as a security-critical fix. I think it won't look
particularly good if the whole DNS gets a CVE every year just to roll the
keys in a timely fashion :-)
Tony.
--
f.anthony.n.finch <dot at dotat.at> http://dotat.at/
South Utsire, Forties: Southwesterly 5 or 6. Moderate or rough, occasionally
slight. Fair. Good.
More information about the ksk-rollover
mailing list