Re: [DNSOP] CDS/CDNSKEY Deployment
Daniel Stirnimann <daniel.stirnimann@switch.ch> Thu, 13 January 2022 13:12 UTC
Return-Path: <daniel.stirnimann@switch.ch>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 980C03A0980 for <dnsop@ietfa.amsl.com>; Thu, 13 Jan 2022 05:12:16 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.813
X-Spam-Level:
X-Spam-Status: No, score=-7.813 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, NICE_REPLY_A=-0.714, RCVD_IN_DNSWL_HI=-5, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=switch.ch
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id KnJXP1rIMx98 for <dnsop@ietfa.amsl.com>; Thu, 13 Jan 2022 05:12:11 -0800 (PST)
Received: from mx2.switch.ch (mx2.switch.ch [85.235.88.33]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B30D13A033F for <dnsop@ietf.org>; Thu, 13 Jan 2022 05:12:10 -0800 (PST)
X-Virus-Scanned: by SpamTitan at switch.ch
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=switch.ch; s=selector1; t=1642079524; bh=U/eOFilLL8v2ue5PPY4wNnLW9jOyQDtP+A0hxMsxtuM=; h=Date:Subject:To:References:From:In-Reply-To; b=U8ZalwXmsnUYttAh5o1YHTVOuLKwx2oniiOmx6h9NE1+G387YqvcU2EGAep5k6lhz D7AsH1taEdF4mO0t5kDreQE58H7DOG42QfbEqthNUasFs3JOANnWSiMjV39pPG9YQJ 80fBcAtlcp68IonkincygJDYJNu7XL2qkIqLrfgzjeiKuolT9vG8bF8EmGAc1/HeEV 2m11Sw6C7sc4MlmQz4bnxMw8o4gnXjYG6E7nbcnDlR6HuWB+jR6VzMhcHHHsYWXX8S V1H2A9tjf6TVNuR+3QluuNoSFuDziDMiFH+E0k6iFExFOGpKGXE3wp695rGddHtPrO OhW2/tuqgxjfw==
Authentication-Results: mx2.switch.ch; x-trusted-ip=pass
Received: from SWH-S04-EXC2.swd.switch.ch (unknown [172.16.60.12]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx2.switch.ch (Postfix) with ESMTPS id C8112857BC2; Thu, 13 Jan 2022 14:11:58 +0100 (CET)
Received: from [130.59.116.144] (172.16.60.33) by SWH-S04-EXC2.swd.switch.ch (172.16.60.12) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.986.15; Thu, 13 Jan 2022 14:11:59 +0100
Message-ID: <eb5b99f1-9e4b-537d-097a-635816458f1b@switch.ch>
Date: Thu, 13 Jan 2022 14:11:59 +0100
MIME-Version: 1.0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:91.0) Gecko/20100101 Thunderbird/91.5.0
Content-Language: en-US
To: Eric Rescorla <ekr@rtfm.com>, dnsop WG <dnsop@ietf.org>
References: <CABcZeBMrRDqgCbNAAL=zjRqNZ-u8orw0G_2Wk5kZjxhR8WKnxw@mail.gmail.com>
From: Daniel Stirnimann <daniel.stirnimann@switch.ch>
In-Reply-To: <CABcZeBMrRDqgCbNAAL=zjRqNZ-u8orw0G_2Wk5kZjxhR8WKnxw@mail.gmail.com>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: 7bit
X-Originating-IP: [172.16.60.33]
X-ClientProxiedBy: SWH-S06-EXC4.swd.switch.ch (172.16.60.18) To SWH-S04-EXC2.swd.switch.ch (172.16.60.12)
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/YW8K__tIu0NvJj-jtL6_lO_ReiQ>
Subject: Re: [DNSOP] CDS/CDNSKEY Deployment
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 13 Jan 2022 13:12:17 -0000
Hi Eric, Some statistics for .ch/.li which are some of the few TLDs supporting CDS/CDNSKEY [1]. For 2020 we processed: 189'206 BOOTSTRAP 518 DELETE 44'749 ROLLOVER Slide 3 [2] contains some more historical numbers. Context about the number of signed delegations in .ch [3]. Daniel [1] https://github.com/oskar456/cds-updates/ [2] https://68.schedule.icann.org/meetings/EqJCzT5N6kcZhh2TT [3] https://www.nic.ch/statistics/dnssec/ On 13.01.22 04:12, Eric Rescorla wrote: > Hi folks > > Does anyone have stats on the deployment of CDS and/or CDNSKEY? I see > that Chung et al. report very low deployment in 2017, but maybe things > have changed? >
- [DNSOP] CDS/CDNSKEY Deployment Eric Rescorla
- Re: [DNSOP] CDS/CDNSKEY Deployment Daniel Stirnimann
- Re: [DNSOP] CDS/CDNSKEY Deployment Daniel Stirnimann
- Re: [DNSOP] CDS/CDNSKEY Deployment Moritz Müller
- Re: [DNSOP] CDS/CDNSKEY Deployment Mark Elkins
- Re: [DNSOP] CDS/CDNSKEY Deployment Nils Wisiol