Hi, By adding text on using this technique for bootstrapping the chain of trust, there are some inconsistencies:
1. In the Abstract it says: "This document does not address the initial configuration of trust anchors for a domain." But now it does (minimally). 2. In Section 4.1: I would like to see a different rewording for the Signer rule to reflect the initial enrollment scenario (see other mail). I'll repeat it here: (unless the parent uses the CDS / CDNSKEY RRset for initial enrollment, in that case the parent validates the CDS / CDNSKEY though some other means (see Section 6.1 and the Security Considerations.)) 3. In Section 6.1: Two typos: enrolment -> enrollment, delgation -> delegation. Best regards, Matthijs On 04/17/2014 12:58 AM, Tim Wicinski wrote: > > https://datatracker.ietf.org/doc/draft-ietf-dnsop-delegation-trust-maintainance/ > > > > All > > Please take a look at version -10 of this draft. I believe that the > authors have addressed all the issues that were raised during the very > comment period. > > I believe that draft-ietf-dnsop-delegation-trust-maintainance-10 has > reach working group consensus. I urge folks to give it one last look > and if there is anything you wish to raise, please raise directly, > otherwise silence is agreement. > > I want to thank all the individuals who contributed comments and feedback. > > > tim > > _______________________________________________ > DNSOP mailing list > DNSOP@ietf.org > https://www.ietf.org/mailman/listinfo/dnsop _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
