> The root zone always > resigns, and on average 2x a day (sometimes 3-ish) and uses 14 day > RRSIGs.
Operation of the root zone is outside control of the IETF, so the question is whether the IETF should create standards that depend on how the root is currently signed? Another way of looking at this, suppose that at some point in time essentially all recursors have a local root. The root gets signed on average twice a day so all recursors download a copy of the root zone twice a day. Then people operating the distribution network notice the huge waste of bandwidth transferring copies of the zone even though the is no real need to do so. Somebody proposes to switch to incremental signing. Unfortunately, the IETF only standardized full transfers of the root zone and incremental signing would not help to reduce the amount of bandwidth required. _______________________________________________ DNSOP mailing list -- [email protected] To unsubscribe send an email to [email protected]
