Hi Joe,
Useful draft. A couple of comments/questions:
In section 2.1:
"The document contains a complete set of
trust anchors for the root zone, including anchors suitable for
immediate use and also historical data."
This strikes me as asking for trouble after the trust anchor is rolled. I'm
not sure we want to codify ephemeral information like a trust anchor in an RFC.
In section 2.2:
" Each CSR will have a Subject with following attributes:
O: the string "ICANN"."
Out of curiosity, what happens if ICANN is no longer performing the IANA
functions contract?
In section 4:
" This document contains information about an existing service, and has
no IANA actions."
It seems to me this document is all about IANA actions, specifically the ones
that provide the existing service. I'd have assumed the IANA actions
associated with this document would be maintaining and updating the content at
the various URLs referenced in the document (in particular, pretty much all of
section 3).
Regards,
-drc
On Sep 29, 2010, at 8:47 AM, Joe Abley wrote:
> FYI
>
> Begin forwarded message:
>
>> From: internet-dra...@ietf.org
>> Date: 29 September 2010 12:45:03 GMT
>> To: i-d-annou...@ietf.org
>> Subject: I-D Action:draft-jabley-dnssec-trust-anchor-00.txt
>> Reply-To: internet-dra...@ietf.org
>> list-id: Internet Draft Announcements only <i-d-announce.ietf.org>
>>
>> A New Internet-Draft is available from the on-line Internet-Drafts
>> directories.
>>
>> Title : DNSSEC Trust Anchor Publication for the Root Zone
>> Author(s) : J. Abley, J. Schlyter
>> Filename : draft-jabley-dnssec-trust-anchor-00.txt
>> Pages : 16
>> Date : 2010-09-29
>>
>> The root zone of the Domain Name System (DNS) has been
>> cryptographically signed using DNS Security Extensions (DNSSEC).
>>
>> In order to obtain secure answers from the root zone of the DNS using
>> DNSSEC a client must configure a suitable trust anchor. This
>> document describes how such trust anchors are published.
>>
>> A URL for this Internet-Draft is:
>> http://www.ietf.org/internet-drafts/draft-jabley-dnssec-trust-anchor-00.txt
>>
>> Internet-Drafts are also available by anonymous FTP at:
>> ftp://ftp.ietf.org/internet-drafts/
>>
>> Below is the data which will enable a MIME compliant mail reader
>> implementation to automatically retrieve the ASCII version of the
>> Internet-Draft.
> <Mail Attachment>
>> _______________________________________________
>> I-D-Announce mailing list
>> i-d-annou...@ietf.org
>> https://www.ietf.org/mailman/listinfo/i-d-announce
>> Internet-Draft directories: http://www.ietf.org/shadow.html
>> or ftp://ftp.ietf.org/ietf/1shadow-sites.txt
>
> _______________________________________________
> DNSOP mailing list
> DNSOP@ietf.org
> https://www.ietf.org/mailman/listinfo/dnsop
_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop
