Shane Kerr <shane@time-travellers.org> wrote:
Generally we leave the details of exactly how stuff works up to the RIPE NCC, and I think that makes sense for any request about RFC 7344 support.
That makes things easier for me :-)
My own thinking is that we can request update & deletion support immediately, since those are clearly specified, but that we need to think a bit about what recommendations we can make for bootstrapping adding DS records, if we want that at all (I think we do, but reasonable people may disagree).
I would be happy with just RFC 7344 updates and RFC 8078 deletion, but I agree RFC 8078 bootstrapping should be a goal. The implementations at CZ.NIC and SWITCH have full RFC 7344 and RFC 8078 support. https://www.nic.ch/export/shared/.content/files/SWITCH_CDS_Manual_en.pdf https://ripe75.ripe.net/presentations/123-CDNSKEY-FRED-KNOT-RIPE75.pdf The timings are different, though: SWITCH requires consistent results for 3 days in all cases; for bootstrapping they also require consistent results over TCP from all nameservers. CZ.NIC does updates as soon as a daily scan finds CDS/CDNSKEY recrods requesting a change; bootstrapping requires 7 days of consistent results over TCP from all nameservers. (I think I prefer the CZ.NIC timings.) The usual RIPE database change notification emails should occur for CDS changes - cf. the CZ.NIC notifications. Tony. -- f.anthony.n.finch <dot@dotat.at> http://dotat.at/ Fisher: Variable 3 or 4, becoming southeast 4 or 5 later. Slight. Fair. Good.