dlv web site - was Re: dnssec lookaside to dlv.isc.org broke recursion

D. Stussy spam at bde-arc.ampr.org
Sat Oct 25 00:44:40 UTC 2008


"Mark Andrews" <Mark_Andrews at isc.org> wrote in message
news:gdtodb$gsr$1 at sf1.isc.org...
> In message <gdqp0v$57o$1 at snarked.org>, "D. Stussy" writes:
> > "Florian Weimer" <fw at deneb.enyo.de> wrote in message
> > news:gdqfih$l14$1 at sf1.isc.org...
> > > * Vinny Abello:
> > > > I've got two recursive DNS servers running on FreeBSD 7.0 each with
> > > > BIND 9.4.2-P2. I got a call this morning that DNS lookups were broken.
> > >
> > > The annual key rollover for dlv.isc.org happened 30 days ago, and the
> > > transition period is now over.  You probably failed to perform that
> > > rollover.
> >
> > I see nothing on the resource https://secure.isc.org/ops/dlv/index.php that
> > tells us that there is a periodic rollover of the key-signing-key for the
> > DLV.  I expect that the zone-signing-key ("256") and ONLY that key will be
> > changed every month.  The key-signing-key shouldn't be changed very often
> > (if at all).  Remember that this is a transitional mechanism that should
> > only be in place for a short number of years.
>
> See DLV Registry Policy and Practice which is linked off of
> that page.
>
> https://secure.isc.org/ops/dlv/dlv-pol-pract-v1.0.php

OK, I see the link, but note that it is the bottom link of a list of ANCHORS
within the current page, so it may be easily overlooked (and was by me,
expecting a section to address the topic to appear later in the main page).

If you're going to keep a link to an external page among in-page anchors,
you should specify somehow that it links to another resource.  However, I
would prefer that you remove the link from the list of anchor links and
simply show it elsewhere on the page to avoid all confusion.

> The trusted keys have always been described as ...



