-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 08/21/2012 05:53 PM, Paul Hoffman wrote: > On Aug 21, 2012, at 12:12 AM, Matthijs Mekking > <matth...@nlnetlabs.nl> wrote: > >> I am afraid that one document just isn't sufficient. Adding a >> rollover time line requires a fair amount of pages to cover the >> timing details (at least with the current approach). The current >> document now covers six time lines. When we want to add time >> lines for Single Type Signing Scheme, Algorithm Rollover and >> Policy Rollover, we can come up with about ten more time lines. >> It would become a very lengthy document, arguably even longer >> than 4641bis ;). In my opinion, it would be better to categorize >> them and deal with them over multiple documents (one document per >> category). >> >> We then could use one document which has the base terminology, so >> we can refer to, for example, the key state definitions in >> future documents. However, then we have to make sure that the key >> state definitions are flexible enough to be able to describe >> these other rollovers (and I am afraid that the current key state >> definitions are not). > > I disagree that seven or eleven documents would be best for > operators. Having more than one requires them to know the RFC > numbers for all the documents for which they are possibly > interested. Other WGs have problems with developers having to know > about three RFCs for a protocol; it seems odd to think that us > having a dozen documents for operators is a good idea.
I am not talking about seven or eleven. Although I did not wrote down an actual number, I could foresee three: One for KSK and ZSK rollovers, one for so called CSK rollovers and one for key timings with respect to policy rollovers (including algorithm rollover). Seven or eleven are indeed somewhat ridiculous numbers. Three is okay imho, especially if you put in the base document references to the other ones. Best regards, Matthijs > > Long documents are not a problem if they are reasonably well > organized with truly parallel sections. > > --Paul Hoffman _______________________________________________ > DNSOP mailing list DNSOP@ietf.org > https://www.ietf.org/mailman/listinfo/dnsop > -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQEcBAEBAgAGBQJQNHSSAAoJEA8yVCPsQCW5f8gH/1JXSWDKr7ZCADlYYP89VlC4 JNmjutD1yXM7k21A34ZJtgyxnXjXhqVwMpJOSZhmtJhaHaDwI86gw5e+teC+xx3a TUmrC2s95FmcY00V8oZx7JjyHLLBmLhVaqUL6QNr/QuSYDPD5afWvQyVdfDMhygY oMuIDla1CXmkZE/ZKTn8eaGmloSCoeYa+xnR9WROTbp3En8NByTcSjwahPtxBHVK vhTlzrBVMk9wdZpzZQJikqaIiWG4UXa7GAG+dZ94ha7prt6unIfeEFA3Z0oIkTXZ tgOCM7OfpLIJ5cInTPl62CP/gTul8zLYVQfKrAGFBPN81BXGresXCBvtcYCCL5g= =Wgsz -----END PGP SIGNATURE----- _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
