ISC DLV

Mark_Andrews1 · April 5, 2009, 9:37am

The fault has been rectified. We are still looking into the
underlying cause and what procedural changes need to be made to
prevent a repeat occurance.

Mark

bill3 · April 5, 2009, 10:09am

could ISC be a bit more open and transparent on what the
  underlying cause was, the path/steps between cause and effect,
  and the range of options/choices for mitigation and why the
  one chosen (presuming it was a procedural issue) was/is the
  best choice.

--bill

David_Conrad3 · April 5, 2009, 4:19pm

You should definitely demand your money back. Given the root servers don't provide this level of accountability, not sure why you think ISC should.

Stuff happens. If you've chosen to share fate with ISC for name resolution via DLV, then you should accept that it does and anticipate these sorts of outages. I'm sure the folks at ISC will attempt to minimize reoccurrence.

Regards,
-drc

bill3 · April 5, 2009, 6:34pm

>>
>>The fault has been rectified. We are still looking into the
>>underlying cause and what procedural changes need to be made to
>>prevent a repeat occurance.
>>
>>Mark Andrews, ISC
>
> could ISC be a bit more open and transparent on what the
> underlying cause was, the path/steps between cause and effect,
> and the range of options/choices for mitigation and why the
> one chosen (presuming it was a procedural issue) was/is the
> best choice.

You should definitely demand your money back. Given the root servers
don't provide this level of accountability, not sure why you think ISC
should.

  i think I shall..
  as far as I can tell, the root server operators have never claimed
  their services/operations are open & transparent. ISC (well Paul
  on behalf of ISC) has claimed they are open and transparent.

Stuff happens. If you've chosen to share fate with ISC for name
resolution via DLV, then you should accept that it does and anticipate
these sorts of outages. I'm sure the folks at ISC will attempt to
minimize reoccurrence.

  in fact it does. that does not negate the desire to know
  -WHY- stuff happens - a few of us are less than happy with a
  "it was broke, we fixed it, we'll try not to let it happen again"
  explaination.

  in this regard, I have been very impressed with Rich's documentation
  of the IANA alternate root. the processes are well documented and
  clear ... and to date, he's been pretty responsive when hicups occur
  and provides prompt feedback.

Paul_Vixie1 · April 5, 2009, 9:38pm

David Conrad <drc@virtualized.org> writes:

... I'm sure the folks at ISC will attempt to minimize reoccurrence.

yes. though with two outages in the last month, some early DLV adopters
might be getting a bit nervous. as with DNSSEC itself when folks first
started turning it on a few years ago, the failure codepaths for DLV are
inevitably not as well oiled as the success codepaths. (we're on it.)