[Yeti DNS Discuss] First KSK rollover in Yeti Testbed
宋林健
ljsong at biigroup.cn
Wed Jul 1 08:14:28 UTC 2015
I think so. it is a big challenge on resolve side, I think. From server side, the only concern is the larger response packets can fit in IPv6 network.
Davey
------------------ Original ------------------
From: "Stephane Bortzmeyer"<bortzmeyer at nic.fr>;
Date: Wed, Jul 1, 2015 03:41 PM
To: "ljsong"<ljsong at biigroup.cn>;
Cc: "discuss"<discuss at lists.yeti-dns.org>;
Subject: Re: [Yeti DNS Discuss] First KSK rollover in Yeti Testbed
On Tue, Jun 30, 2015 at 06:14:54PM +0800,
Davey Song <ljsong at biigroup.cn> wrote
a message of 147 lines which said:
> NOTE THAT: the Yeti KSK is going to rollover 2.5 hours later. The
> yeti KSK (RSASHA256 2048) rollover every three month.
Correct me if I'm wrong but it means that:
* root name server operators are not concerned
* resolver operators who do not implement RFC 5011 (or who did not
update the trust anchor by hand) will suffer.
Correct?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.yeti-dns.org/pipermail/discuss/attachments/20150701/838f66d6/attachment.html>
More information about the discuss
mailing list