Sheesh..I thought we were talking about engineering issues. Speaking only as the humble engineer who helped develop the publication methods and wrote the software that generates all the pieces, the most recent draft does describe what my programs, scripts, and other pieces do. If there is any technical variance, please let me know I don’t pretend to be perfect. I run another copy of some of the pieces on my KSK rollover test setup now, so id like to know.
I have no opinion regarding the more abstract discussion regarding where such a description belongs and look to learn from those better versed in that subject. -Rick From: DNSOP [mailto:dnsop-boun...@ietf.org] On Behalf Of George Michaelson Sent: Monday, October 5, 2015 8:07 AM To: Joe Abley <jab...@hopcount.ca> Cc: dnsop WG <dnsop@ietf.org>; Paul Hoffman <paul.hoff...@vpnc.org> Subject: Re: [DNSOP] Expiration impending: <draft-jabley-dnssec-trust-anchor-11.txt> If its on the internet, its not out of band. On Mon, Oct 5, 2015 at 9:55 AM, Joe Abley <jab...@hopcount.ca<mailto:jab...@hopcount.ca>> wrote: On 5 Oct 2015, at 10:42, George Michaelson wrote: > Something very left field for me, but I believe important, is that we need > to also publish the out-of-band publication point of the trust material. This draft is exclusively concerned with publishing trust anchors out-of-band of the protocol. > I mentioned this to Joe some time ago and was very correctly told "out of > scope" but I believe its nonsensical to exclude physical publication, eg in > newspapers of record for at least 3 economies worldwide, of the hash of the > public key as a standing event. This draft aims to document current practice. To my knowledge, nobody has ever published a trust anchor (or even a pointer to it) in print media. > In-band only has some issues for me, if we are talking about trust. Me too, hence the decision by ICANN to publish trust anchors using out-of-band mechanisms in 2009/2010, as this draft aims to document. Joe
_______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
