Re: [dnsext] A question about the need for "historical keys"

[Paul Wouters <paul@xelerance.com>]

On Fri, 28 Jan 2011, Ted Lemon wrote:

> On Jan 28, 2011, at 1:26 PM, John Bashinski wrote:
>> Take the Linksys home routers. My guess is that maybe a couple of
>> percent of them *ever* get firmware updates.
>
> Before you use this as a basis for argument, it might be worth your while to (not in this discussion) explore the question of *why* they don't get updates.   From my own personal experience, this is not because of a lack of demand.

You can ask the firefox people. They have seen a massive increase in updates just
by sneakilly downloading the update in the background and telling the user "the update
is ready to be installed, proceed?". The users who tend not to be able to manually
update a product is exactly the class of users that will say "if it aint broken, don't
fix it".

I think the case of the consumer router is a good one. We all have a box of these old
routers. If our router, or a friends router breaks, we pull out a device and give it to
them. Where we might update it before giving it, non-geeks will just hand it over. It
worked two years ago, why would it not work now?

The receiver will likely factory default it (because they and/or you forgot the password).

Likely, at that moment they won't have an internet connection, because that's why they
needed the router. It has just to work without updates. If this device now has an old root
key and no automated way of updating it, your friend will not have a working internet
connection, and the device is considered "broken".

And there are many more scenarios. A more enterprise aimed product might require that
you know the vendor login/password before you can download the upgrade.

Paul