All, I'm about to submit the change request for signing our zones, and in our standard-form requests I'm required to submit a backout plan. What is the recommended/safe rollout/backout plan for signing a zone? I presume it goes something like this: 1. Insert DNSKEY records; wait for them to propagate (SOA TTL) 2. Sign the zone, increment the serial#, re-publish 3. Observe operation 4. If all is well, publish DLV record (or DS to parent) Assume this happens and *then* a problem is reported; how do I roll back? I note the TTLs in "dlv.isc.org" are 3600, so presumably it will take an hour (worst case) to "unpublish" a DLV. Comments welcome.