Thanks Matthijs and Jinmei for the final review, and Warren for the
final edits.
I'm taking that latest version:
https://datatracker.ietf.org/doc/draft-ietf-dnsop-delegation-trust-maintainance/
is the latest and apparently the last version. I'll submit this to the
IESG unless I hear any major protest, as we appear to be back in consensus.
tim
On 4/17/14, 1:08 PM, Warren Kumari wrote:
On Thu, Apr 17, 2014 at 4:52 AM, Matthijs Mekking <matth...@nlnetlabs.nl> wrote:
Hi,
By adding text on using this technique for bootstrapping the chain of
trust, there are some inconsistencies:
1.
In the Abstract it says:
"This document does not address the initial configuration of
trust anchors for a domain."
But now it does (minimally).
True.
I updated it to be "This document does not address the initial
configuration of trust anchors for a domain in depth", but that
sounded stupid, so I just yanked it out.
Thanks.
2.
In Section 4.1:
I would like to see a different rewording for the Signer rule to reflect
the initial enrollment scenario (see other mail). I'll repeat it here:
(unless the parent uses the CDS / CDNSKEY RRset for initial enrollment,
in that case the parent validates the CDS / CDNSKEY though some other
means (see Section 6.1 and the Security Considerations.))
Thanks.
3.
In Section 6.1:
Two typos: enrolment -> enrollment, delgation -> delegation.
Doh! I just ran spellcheck and it found a bunch of other typos too --
one day I'll learn to type...
Best regards,
Matthijs
On 04/17/2014 12:58 AM, Tim Wicinski wrote:
https://datatracker.ietf.org/doc/draft-ietf-dnsop-delegation-trust-maintainance/
All
Please take a look at version -10 of this draft. I believe that the
authors have addressed all the issues that were raised during the very
comment period.
I believe that draft-ietf-dnsop-delegation-trust-maintainance-10 has
reach working group consensus. I urge folks to give it one last look
and if there is anything you wish to raise, please raise directly,
otherwise silence is agreement.
I want to thank all the individuals who contributed comments and feedback.
tim
_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop
_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop
_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop
_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop
