In your letter dated Tue, 31 Jul 2018 06:49:04 -0700 you wrote:
>> I think there is a big difference between distributing the root zone and
>> distributing a few 'local' zones.
>> 
>> In the first case you need something that is massively scalable.
>
>I'm afraid I don't see those as different problems like you do.  I'd
>like a massively scalable way of distributing any zone, not just the
>root.  If for no other reason, .arpa and root-servers.net should be
>included too, for example.
>
>Yes, huge zones like .com and similar are not possible.  But there are
>many other TLDs that likely are possible to pre-cache and serve locally.

I'm curious how that is going to be provisioned at a large scale.

We don't really know how to roll the KSK of the root zone. I wonder how
we are going to manage thousands, maybe millions, and if you are unlucky
billions of devices that want to fetch some zone files.

Would we paint ourselves into a corner with respect to TTLs? Currently, if
the root would need to have lower TTLs then that would require coordination
with the root server operators, but that's it. If many devices are hardwired
to fetch the root at a fixed rate, you can't do that. If you make the rate
a parameter then the first time you try to lower it, you find that some
large subset accidentally wired the parameter.

_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop
