Andrew,
On Aug 18, 2008, at 6:29 AM, Andrew Sullivan wrote:
When the CTO receives the incident report, the CTO is going to say,
"So if
we never turned on DNSSEC, this wouldn't have happened? Ok. New
policy: no DNSSEC."
In today's Internet, most network engineers (at least at real
companies) don't go turning on new, weird technologies for fun. If
some technology is going to be deployed, there is generally a business
reason for that to happen. If there is a failure of that technology,
it may make sense to back out of deployment, but presumably that
failure does not remove the business reason that caused the technology
to be deployed in the first place. As such, the new policy most
likely will have an "unless <condition>" clause.
Regards,
-drc
_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop