Speaker
Description
Although DS provisioning automation (RFCs 7344, 8078, 9615) is well-defined on the wire, actual deployment faces various degrees of freedom, leading to non-uniform behavior across parents. For example, the presence of registration locks may (or may not) affect DS automation, and there are different ways to perform CDS/CDNSKEY input validation, report errors, or to handle priority of updates (such as from a manual submission). The lack of related operational guidance has been identified as the main obstacle to DS automation in the gTLD space. We therefore propose a set of practical guidelines on DS automation, so that new deployments can satisfy domain holders' expectation of predictable behavior across TLDs. We invite the audience to discuss, so that the proposal can be amended to best reflect the community position on how to best automate DS provisioning.
| Talk duration | 20 Minutes (+5 for Q&A) |
|---|---|
| Other conferences? | Old iteration presented at IETF; this one is to involve operators' views. |
