Olafur Gudmundsson wrote: > At 11:00 11/02/2008, [EMAIL PROTECTED] wrote: > > >> Title : DNSSEC Trust Anchor Configuration and Maintenance >> Author(s) : M. Larson, O. Gudmundsson >> Filename : draft-ietf-dnsop-dnssec-trust-anchor-01.txt >> Pages : 14 >> Date : 2008-02-11 > > The changes since last version include, number of grammatical and English > improvements. Security considerations has been improved. >
Just an open suggestion, but should there be more text to clarify what happens when a zone intends to delete it's outstanding trust anchors and link its security through its parent by having a DS RR in the parent zone? There is text in RFC 5011 on how a zone operator does this, but there isn't a lot of detail in this draft. Worst case scenario is that the validator declares the zone responses bogus, which isn't good. I agree with Suresh's comment about limiting truncation. I don't have a good number in mind though. It is a good document otherwise. Scott > The editors think this document is ready for WGLC, please send in comments. > > thanks > Matt & Olafur > > _______________________________________________ > DNSOP mailing list > DNSOP@ietf.org > http://www.ietf.org/mailman/listinfo/dnsop > -- ---------------------------------------- Scott Rose Computer Scientist NIST ph: +1 301-975-8439 [EMAIL PROTECTED] http://www-x.antd.nist.gov/dnssec http://www.dnsops.gov/ ----------------------------------------- _______________________________________________ DNSOP mailing list DNSOP@ietf.org http://www.ietf.org/mailman/listinfo/dnsop
