On Thu, Nov 27, 2008 at 07:49:13PM +0000, Matthew Ford <ford@xxxxxxxx> wrote a message of 13 lines which said: > After all the years of FUD surrounding DNSSEC deployment, I feel > quite strongly that having the IETF do as you suggested and then be > able to point to 'no discernible impact' on the network would be a > significant milestone. That would prove nothing: failures will DNSSEC do not happen every day. Signatures expire, people stop signing without telling the parent zone, keys rolls over, but it may not happen during these few days. You see the actual problems with DNSSEC (which are *not* FUD) when you run it every day, for several months. <flame>Read the pro-DNSSEC responses to US govermnent's survey <http://www.ntia.doc.gov/dns/dnssec.html> and see how many of these people who tell Obama to sign, signed themselves their zone.</flame> _______________________________________________ Ietf@xxxxxxxx https://www.ietf.org/mailman/listinfo/ietf