DNSOP members, Today a group of us submitted a draft starting to document the operational steps (and issues) around deploying new crypto algorithms within DNSSEC. This builds off of a couple of sessions we've had at DNSSEC Workshops at ICANN meetings as well as various mailing list discussion. This overall discussion about deploying new DNSSEC crypto algorithms will continue with a session organized by Ondrej Sury at DNS-OARC on April 1 in Buenos Aires and then another one at RIPE in Copenhagen.
The goal right now is to document the deployment steps so that there is a common understanding and operational guidance can be provided. Ideally in the process we may also highlight opportunities for improvement of operational processes. Comments and feedback are definitely welcome. Thanks, Dan Begin forwarded message: From: <internet-dra...@ietf.org<mailto:internet-dra...@ietf.org>> Subject: New Version Notification for draft-york-dnsop-deploying-dnssec-crypto-algs-00.txt Date: March 21, 2016 at 2:29:57 PM EDT To: "y...@isoc.org<mailto:y...@isoc.org>" <y...@isoc.org<mailto:y...@isoc.org>>, Ondrej Sury <ondrej.s...@nic.cz<mailto:ondrej.s...@nic.cz>>, "Olafur Gudmundsson" <olafur+i...@cloudflare.com<mailto:olafur+i...@cloudflare.com>>, Dan York <y...@isoc.org<mailto:y...@isoc.org>>, "Paul Wouters" <pwout...@redhat.com<mailto:pwout...@redhat.com>> A new version of I-D, draft-york-dnsop-deploying-dnssec-crypto-algs-00.txt has been successfully submitted by Dan York and posted to the IETF repository. Name: draft-york-dnsop-deploying-dnssec-crypto-algs Revision: 00 Title: Observations on Deploying New DNSSEC Cryptographic Algorithms Document date: 2016-03-21 Group: Individual Submission Pages: 9 URL: https://www.ietf.org/internet-drafts/draft-york-dnsop-deploying-dnssec-crypto-algs-00.txt Status: https://datatracker.ietf.org/doc/draft-york-dnsop-deploying-dnssec-crypto-algs/ Htmlized: https://tools.ietf.org/html/draft-york-dnsop-deploying-dnssec-crypto-algs-00 Abstract: As new cryptographic algorithms are developed for use in DNSSEC signing and validation, this document captures the steps needed for new algorithms to be deployed and enter general usage. The intent is to ensure a common understanding of the typical deployment process and potentially identify opportunities for improvement of operations. Please note that it may take a couple of minutes from the time of submission until the htmlized version and diff are available at tools.ietf.org<http://tools.ietf.org>. The IETF Secretariat -- Dan York Senior Content Strategist, Internet Society y...@isoc.org<mailto:y...@isoc.org> +1-802-735-1624 Jabber: y...@jabber.isoc.org<mailto:y...@jabber.isoc.org> Skype: danyork http://twitter.com/danyork http://www.internetsociety.org/
_______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
